Severity by source
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Lifecycle Timeline
4Blast Radius
ecosystem impact- 2 npm packages depend on payload (2 direct, 0 indirect)
Ecosystem-wide dependent count for version 3.79.1.
DescriptionGitHub Advisory
Payload is a free and open source headless content management system. Prior to version 3.79.1, an authenticated Server-Side Request Forgery (SSRF) vulnerability exists in the upload functionality. Authenticated users with create or update access to an upload-enabled collection could cause the server to make outbound HTTP requests to arbitrary URLs. This issue has been patched in version 3.79.1.
AnalysisAI
Server-Side Request Forgery in Payload CMS versions prior to 3.79.1 allows authenticated users with upload permissions to force the server to make HTTP requests to arbitrary URLs, potentially exposing internal network resources and sensitive data. The vulnerability affects the upload functionality and enables information disclosure with high confidentiality impact. CVSS score of 7.7 reflects network-accessible attack vector with low complexity requiring only low-privilege authentication. No public exploit identified at time of analysis, though the vulnerability requires only basic authenticated access to upload-enabled collections.
Technical ContextAI
Payload CMS is a TypeScript-based headless content management system built on Node.js that provides RESTful and GraphQL APIs for content delivery. This vulnerability stems from CWE-918 (Server-Side Request Forgery), where the upload functionality fails to properly validate or sanitize URLs provided during file upload operations. When processing upload requests, the application makes outbound HTTP requests to user-controlled URLs without adequate validation, allowing authenticated attackers to proxy requests through the server. The CVSS vector PR:L indicates low-privilege authentication is required, meaning any authenticated user with create or update permissions on collections configured with upload functionality can exploit this. The scope change (S:C) indicates the vulnerability affects resources beyond the vulnerable component, typical of SSRF attacks that can pivot to internal network resources, cloud metadata endpoints (AWS EC2 metadata, Azure IMDS), or internal services not directly accessible from the attacker's network position.
RemediationAI
Upgrade immediately to Payload CMS version 3.79.1 or later, which contains the complete fix for this SSRF vulnerability. The vendor-released patch is available through the official GitHub releases at https://github.com/payloadcms/payload/releases/tag/v3.79.1. Organizations should prioritize this upgrade for any internet-facing Payload CMS installations or deployments with access to sensitive internal resources. As a temporary risk reduction measure pending upgrade, review and restrict user permissions on upload-enabled collections to only trusted administrators, though this does not eliminate the vulnerability. Network segmentation and egress filtering can provide defense-in-depth by limiting which external or internal resources the Payload CMS server can reach, reducing the impact of successful SSRF exploitation. The GitHub security advisory at https://github.com/payloadcms/payload/security/advisories/GHSA-6r7f-q7f5-wpx8 provides additional technical details and context.
An arbitrary file upload vulnerability in the file upload module of PayloadCMS v0.15.0 allows attackers to execute arbit
Payload CMS prior to 3.73.0 has a SQL injection vulnerability when querying structured data, enabling database compromis
Stored Cross-Site Scripting (XSS) in Payload CMS versions prior to 3.78.0 allows authenticated users with write permissi
SQL injection in Payload CMS versions prior to 3.79.1 allows authenticated attackers to manipulate database queries and
Payload CMS prior to v3.75.0 contains a Server-Side Request Forgery vulnerability in its external file upload feature th
Payload is a free and open source headless content management system. Rated medium severity (CVSS 6.5), this vulnerabili
Payload CMS versions prior to 3.79.1 contain a cross-site request forgery (CSRF) vulnerability in the authentication flo
Cross-collection IDOR in Payload CMS before v3.74.0 allows authenticated users to read and delete preferences from other
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-18011
GHSA-6r7f-q7f5-wpx8