CVE-2026-42141 | xibosignage xibo-cms up to 4.4.0 server-side request forgery (GHSA-fwq8-c4gw-pxmh)

Inserito da Angelo Barbosa | Mag 12, 2026 | CVE

A vulnerability was found in xibosignage xibo-cms up to 4.4.0. It has been rated as critical. Affected is an unknown function. This manipulation causes server-side request forgery.

This vulnerability is tracked as CVE-2026-42141. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is advised.

CVE-2026-42141 | xibosignage xibo-cms up to 4.4.0 server-side request forgery (GHSA-fwq8-c4gw-pxmh)

Post correlati

CVE-2023-47865 | Mattermost up to 7.8.12/8.1.3 Username Icon access control

CVE-2024-0477 | code-projects Fighting Cock Information System 1.0 update-deworm.php usage_deworm sql injection

CVE-2024-8945 | CodeCanyon RISE Ultimate Project Manager 3.7.0 save id sql injection

CVE-2024-8182 | FlowiseAI Flowise 1.8.2 /api/v1/get-upload-file denial of service