CVE-2026-35036 | lin-snow Ech0 up to 4.2.7 Response Body /api/website/title server-side request forgery (GHSA-wc4h-2348-jc3p)

Inserito da Angelo Barbosa | Apr 6, 2026 | CVE

A vulnerability described as critical has been identified in lin-snow Ech0 up to 4.2.7. This issue affects some unknown processing of the file /api/website/title of the component Response Body Handler. Executing a manipulation can lead to server-side request forgery.

This vulnerability is tracked as CVE-2026-35036. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is recommended.

CVE-2026-35036 | lin-snow Ech0 up to 4.2.7 Response Body /api/website/title server-side request forgery (GHSA-wc4h-2348-jc3p)

Post correlati

CVE-2025-54659 | Fortinet FortiSOAR Agent Communication Bridge up to 1.0.2/1.1.0 Request path traversal (FG-IR-26-084)

CVE-2024-8725 | Advanced File Manager Plugin up to 5.2.8 on WordPress unrestricted upload

CVE-2024-2594 | Amssplus AMSS++ 4.31 index.php cross site scripting

CVE-2023-49187 | Spoonthemes Adifier Theme up to 3.1.3 on WordPress cross site scripting