Security Advisory

CVE-2026-41172

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-22 21:22:55

Last updated 2026-04-23 12:52:16

Assigner GitHub_M

State PUBLISHED

Description

Squidex is an open source headless content management system and content management hub. Prior to version 7.23.0, an SSRF vulnerability allows a user with asset upload permission to force the server to fetch arbitrary URLs, including localhost/private network targets, and persist the response as an asset. Version 7.23.0 contains a fix.

← Browse all CVEs View on cve.org ↗