Skip to main content

Prompts Chat CVE-2026-22662

| EUVDEUVD-2026-18823 MEDIUM
Server-Side Request Forgery (SSRF) (CWE-918)
2026-04-03 VulnCheck GHSA-gv6r-fmg6-c7v4
5.3
CVSS 4.0 · Vendor: VulnCheck
Share

Severity by source

Vendor (VulnCheck) PRIMARY
5.3 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from Vendor (VulnCheck) · only source for this CVE.

CVSS VectorVendor: VulnCheck

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
EUVD ID Assigned
Apr 03, 2026 - 20:45 euvd
EUVD-2026-18823
Analysis Generated
Apr 03, 2026 - 20:45 vuln.today
Patch released
Apr 03, 2026 - 20:45 nvd
Patch available
CVE Published
Apr 03, 2026 - 20:27 nvd
MEDIUM 5.3

DescriptionCVE.org

prompts.chat prior to commit 1464475 contains a blind server-side request forgery vulnerability in the Wiro media generator that allows authenticated users to perform server-side fetches of user-controlled inputImageUrl parameters. Attackers can exploit this vulnerability by sending POST requests to the /api/media-generate endpoint to probe internal networks, access internal services, and exfiltrate data through the upstream Wiro service without receiving direct response bodies.

AnalysisAI

Blind server-side request forgery in prompts.chat media generator allows authenticated users to manipulate the inputImageUrl parameter in /api/media-generate POST requests to perform arbitrary server-side HTTP fetches, enabling internal network reconnaissance, access to internal services, and potential data exfiltration through the upstream Wiro service without receiving direct response bodies. The vulnerability affects prompts.chat prior to commit 1464475 and requires valid user authentication; patch availability has been confirmed through vendor repository.

Technical ContextAI

The vulnerability resides in the Wiro media generator component of prompts.chat (CPE: cpe:2.3:a:f:prompts.chat:*:*:*:*:*:*:*:*), which processes user-supplied inputImageUrl parameters in media generation requests. The root cause is classified under CWE-918 (Server-Side Request Forgery), indicating that the application fails to validate or restrict the destination of server-initiated HTTP requests. The /api/media-generate endpoint performs server-side image fetching based on user-controlled input without implementing proper URL validation, hostname filtering, or network segmentation controls. The SSRF is classified as 'blind' because attackers do not receive direct response bodies from their requested resources, limiting direct data exfiltration to what can be inferred from response timing, status codes, or side-channel behaviors relayed through the Wiro service.

RemediationAI

Apply the vendor-released patch by updating prompts.chat to the version incorporating commit 1464475df2698fb7ccd0cdbc382b0750466f891d or later. Review the patch implementation in GitHub PR #1102 to understand the fix approach. As an interim workaround pending patch deployment, restrict network access from the prompts.chat application server to internal services and sensitive networks using firewall rules or network policies, implement strict URL validation and hostname allowlisting in the /api/media-generate endpoint to reject requests targeting private IP ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 127.0.0.0/8, ::1/128, fc00::/7) or internal DNS names, and monitor outbound HTTP requests from the application for suspicious patterns. Additional details and patching guidance are available from the VulnCheck advisory at https://www.vulncheck.com/advisories/prompts-chat-blind-ssrf-via-media-generate.

Share

CVE-2026-22662 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy