CNNVD-202601-4450 Information

CNNVD ID

CNNVD-202601-4450

Related CVE

CVE-2026-24736

• CNNVD Published: 2026-01-27

Description (Chinese)

Squidex是Squidex开源的一个内容管理系统。 Squidex 7.21.0及之前版本存在代码问题漏洞，该漏洞源于Webhook配置中的URL参数未验证或限制目标IP地址，可能导致完全读取的服务端请求伪造。

Description (English)

Squidex is an open-source content management system for Squidex. Squidex 7.21.0 and previous versions had a code problem loophole, which stemmed from the fact that the URL parameters in the Webhook configuration did not verify or limit the target IP address, which could result in a completely readable service-end request being falsified.

Hazard Level

Low

Vulnerability Type

代码问题

Affected Vendor

Squidex

Published

2026-01-27

Last Modified

2026-02-24

References

https://github.com/Squidex/squidex/security/advisories/GHSA-wxg2-953m-fg2w https://access.redhat.com/security/cve/cve-2026-24736