Security Advisories - PKSA-4gr3-459g-ssmq - Packagist.org

PKSA-4gr3-459g-ssmq Security Advisory

[MEDIUM] Craft CMS vulnerable to Server-Side Request Forgery (SSRF) via GraphQL Asset Upload Mutation

PKSA-4gr3-459g-ssmq CVE-2025-68437 GHSA-x27p-wfqw-hfcc

Affected package: craftcms/cms

Affected version: >=3.5.0,<=4.16.16|>=5.0.0-RC1,<=5.8.20

Reported by:
GitHub