CVE-2026-33399 | ellite Wallos up to 4.6.x Notifications validate_webhook_url_for_ssrf server-side request forgery

Inserito da Angelo Barbosa | Mar 24, 2026 | CVE

A vulnerability classified as critical was found in ellite Wallos up to 4.6.x. This vulnerability affects the function validate_webhook_url_for_ssrf of the component Notifications Handler. Executing a manipulation can lead to server-side request forgery.

This vulnerability appears as CVE-2026-33399. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is advised.

CVE-2026-33399 | ellite Wallos up to 4.6.x Notifications validate_webhook_url_for_ssrf server-side request forgery

Post correlati

CVE-2024-5020 | Gallery Plugin on WordPress FancyBox JavaScript Library cross site scripting

CVE-2025-23859 | Joshua Wieczorek Daily Proverb Plugin up to 2.0.3 on WordPress cross site scripting

CVE-2024-9981 | FormosaSoft ee-class prior 20240326.13r14494 filename control

CVE-2024-43795 | OpenC3 cosmos Open Source Edition up to 5.18.x cross site scripting (GHSA-vfj8-5pj7-2f9g)