Skip to main content

Kimai CVE-2026-49865

MEDIUM
Server-Side Request Forgery (SSRF) (CWE-918)
2026-07-10 https://github.com/kimai/kimai GHSA-pj8j-p4g4-4vw8
Share

Severity by source

vuln.today AI
5.0 MEDIUM

Network-reachable with low complexity; PR:L because customer-field write access requires an authenticated role; Scope:Changed as server contacts out-of-scope systems; C:L for internal service probing with no direct integrity or availability impact.

3.1 AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Estimated by vuln.today — no official severity rating has been published for this CVE yet.

Lifecycle Timeline

1
Analysis Generated
Jul 10, 2026 - 16:37 vuln.today

DescriptionCVE.org

Summary

Kimai 2.56.0 contains a server-side request forgery vulnerability in its invoice PDF preview and generation workflow. If an attacker can control Markdown content that is later rendered into an invoice PDF, such as Customer.invoiceText, the server-side PDF renderer will fetch remote image URLs embedded in Markdown image syntax.

This allows the application server to issue outbound requests to attacker-controlled or internal targets during PDF rendering. The behavior can be used for internal network probing, server-side reachability checks, and potentially follow-on exploitation depending on deployment environment and accessible internal services.

Details

The vulnerable behavior occurs in the invoice rendering chain when user-controlled Markdown is transformed into HTML and then rendered by mPDF.

  • First, customer invoice text is copied into the invoice model.

. Second, the default PDF invoice template renders that field through the Markdown-to-HTML filter.

  • Third, md2html enables full Markdown rendering.
  • Although safe mode is enabled, the tested Markdown image syntax still survives into the rendered HTML chain in a form that causes the PDF renderer to fetch the image resource.
  • Finally, the HTML is handed to mPDF.

The live test confirms that mPDF attempts to retrieve the remote image URL from the server side during PDF preview. This means the issue is not a template-injection problem but an SSRF condition caused by the rendering pipeline:

  • attacker-controlled Markdown
  • Markdown converted to HTML
  • HTML rendered by mPDF
  • mPDF fetches remote image resources from the server side

*A PoC was provided, but removed for security reasons.*

Impact

This vulnerability allows an attacker who can influence invoice-rendered Markdown fields to cause the Kimai server to make outbound requests to arbitrary destinations. In real deployments, this can be used to probe internal services, test access to internal administrative or metadata endpoints, and confirm server-side reachability to attacker-controlled infrastructure.

Depending on the environment, SSRF can also become a stepping stone toward more serious outcomes, such as triggering side effects on internal HTTP services or extracting sensitive information from services reachable only by the server. Because invoice generation is commonly performed by administrative or finance-related users, the feature is realistically reachable in business workflows.

Solution

  • Kimai does not allow to use markdown images any longer and converts them to HTML links instead
  • Kimai uses a specialized HttpClient for mPDF (called NoPrivateNetworkHttpClient), which prevents access to a variety of URLs, the full list can be fetched from the documentation
  • This change can be a BC break, if someone used
  • the Kimai domain for hosting invoice or export template images
  • an internal IP for hosting invoice or export template images

See https://www.kimai.org/en/security/ghsa-pj8j-p4g4-4vw8

AnalysisAI

Server-side request forgery in Kimai 2.56.0 allows authenticated users with write access to Markdown-rendered invoice fields to force the application server to issue outbound HTTP requests to attacker-controlled or internal network destinations. The vulnerability surfaces during invoice PDF preview and generation, where user-controlled Markdown is processed through an md2html filter and handed to mPDF, which fetches embedded image URLs server-side even with safe mode enabled. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate to Kimai with customer-record write access
Delivery
Inject malicious Markdown image URL into Customer.invoiceText
Exploit
Trigger invoice PDF preview for that customer
Execution
md2html converts Markdown to HTML, preserving image tag
Persist
mPDF fetches attacker-specified URL server-side
Impact
Probe internal network services or cloud metadata endpoint

Vulnerability AssessmentAI

Exploitation Exploitation requires an authenticated Kimai session with write access to Markdown-rendered invoice fields such as Customer.invoiceText - this is typically held by administrative or finance-role users, not general authenticated users. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment No vendor-supplied CVSS vector or EPSS score is available for this CVE; risk must be assessed from the description and contextual signals alone. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An authenticated Kimai user with access to customer records injects a Markdown image tag referencing an internal service - for example, the AWS EC2 instance metadata endpoint at http://169.254.169.254/latest/meta-data/ - into the Customer.invoiceText field. When the same attacker (or any other authorized user) triggers an invoice PDF preview for that customer, the mPDF renderer issues an HTTP GET request from the Kimai server to the embedded URL, confirming reachability to internal services or returning sensitive metadata content. …
Remediation Upgrade Kimai to the patched release issued after 2.56.0 per the vendor advisory at https://github.com/kimai/kimai/security/advisories/GHSA-pj8j-p4g4-4vw8 - the exact patched version number is not stated in available data, so consult the Kimai release page directly to identify the first version containing the fix. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-49865 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy