CVE-2026-49328 – Apache Fesod (Incubating): Improper validation of user-supplied URLs leading to SSRF

CVE ID :CVE-2026-49328

Published : June 1, 2026, 11:16 a.m. | 1 hour, 16 minutes ago

Description :Server-Side Request Forgery (SSRF) in the UrlImageConverter component of Apache Fesod (Incubating) fesod-sheet before 2.0.2-incubating allows attackers to cause outbound network requests to internal or otherwise restricted resources via a user-supplied image URL. Users are recommended to upgrade to version 2.0.2-incubating, which fixes this issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-25600 – Credential Exposure Vulnerability in Trac PDBM

CVE-2026-25599 – Missing authentication and clear‑text data transmission affecting Orca heat pumps

CVE-2026-10250 – itsourcecode Online Blood Bank Management System campsdetails.php sql injection

CVE-2026-10249 – itsourcecode Online Blood Bank Management System viewrequest.php sql injection