GHSA-395g-c5fv-7hfhMediumCVSS 6.4
MaxKB before 2.10.0 contains a server-side request forgery vulnerability in tool creation and...
🔗 CVE IDs covered (1)
📋 Description
MaxKB before 2.10.0 contains a server-side request forgery vulnerability in tool creation and update endpoints that allows authenticated users to make arbitrary server requests by supplying unvalidated downloadCallbackUrl and download_url parameters. Attackers with default workspace USER role can exploit this to access internal network services by providing malicious URLs to the ToolSerializer endpoints.
🔗 References (5)
- https://nvd.nist.gov/vuln/detail/CVE-2026-56779
- https://github.com/1Panel-dev/MaxKB/issues/6272
- https://github.com/1Panel-dev/MaxKB/commit/6c156afc656afa62ea4280e504a06ac1c9696b36
- https://www.vulncheck.com/advisories/maxkb-server-side-request-forgery-via-downloadcallbackurl-and-download-url-parameters
- https://github.com/advisories/GHSA-395g-c5fv-7hfh