PKSA-jsy4-k6z3-fcjb Security Advisory
-
[MEDIUM] Craft CMS Vulnerable to SSRF in GraphQL Asset Mutation via Alternative IP Notation
PKSA-jsy4-k6z3-fcjb CVE-2026-25494 GHSA-m5r2-8p9x-hp5m
Affected package: craftcms/cms
Affected version: >=4.0.0-RC1,<=4.16.17|>=5.0.0-RC1,<=5.8.21
Reported by:
GitHub