CVE-2026-33399 | ellite Wallos up to 4.6.x Notifications validate_webhook_url_for_ssrf server-side request forgery

Inserito da Angelo Barbosa | Mar 24, 2026 | CVE

A vulnerability classified as critical was found in ellite Wallos up to 4.6.x. This vulnerability affects the function validate_webhook_url_for_ssrf of the component Notifications Handler. Executing a manipulation can lead to server-side request forgery.

This vulnerability appears as CVE-2026-33399. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is advised.

CVE-2026-33399 | ellite Wallos up to 4.6.x Notifications validate_webhook_url_for_ssrf server-side request forgery

Post correlati

CVE-2025-15148 | CmsEasy up to 7.7.7 Backend Template Management Page template_admin.php savetemp_action content/tempdata code injection

CVE-2024-36175 | Adobe Experience Manager up to 6.5.20 cross site scripting (apsb24-28)

CVE-2025-71177 | LavaLite CMS up to 10.1.0 cross site scripting (Issue 420)

CVE-2023-6203 | Events Calendar Plugin up to 6.2.8.0 on WordPress Password information disclosure