Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-exploitable with authenticated low-privilege access; scope changes to internal container services justify S:C, with low C and I reflecting limited service probing impact.
Primary rating from Vendor (GitHub_M).
CVSS VectorVendor: GitHub_M
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 2.1, the outbound HTTP host filter applied by WebClientUtils (used by the REST API and GraphQL datasource plugins) validates hosts against an exact-match string denylist. The comprehensive address-class check (loopback, any-local, link-local, fc00::/7) exists only on a separate code path used by SMTP, not by the HTTP plugin path. As a result, an authenticated user can craft outbound requests that reach loopback-bound services inside the container. This vulnerability is fixed in 2.1.
AnalysisAI
Server-side request forgery in Appsmith prior to version 2.1 allows authenticated users to reach loopback-bound services inside the deployment container by exploiting a split code path in host validation logic. The WebClientUtils component used by REST API and GraphQL datasource plugins enforces only an exact-match string denylist, while the comprehensive address-class check covering loopback, any-local, link-local, and fc00::/7 IPv6 ranges exists solely on the SMTP plugin code path - leaving the HTTP path bypassable. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires an authenticated Appsmith session with at least low-privilege access to create or modify REST API or GraphQL datasource plugin configurations - the vulnerable code path is only reachable through these two plugin types. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 base score of 5.3 (Medium) with vector AV:N/AC:L/AT:N/PR:L/UI:N reflects the real-world constraint: exploitation requires a low-privilege authenticated session, which substantially limits the exposed attack surface compared to unauthenticated SSRF. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An authenticated Appsmith user with datasource configuration permissions creates a new REST API datasource and sets the base URL to a loopback address variant not matched by the exact-match string denylist (e.g., an IPv6 representation of localhost or a non-standard encoding). The platform's WebClientUtils issues the outbound HTTP request without triggering the comprehensive address-class check, reaching an internal container service such as an unauthenticated admin API or metadata endpoint. … |
| Remediation | Upgrade Appsmith to version 2.1 or later, which introduces the comprehensive address-class validation (loopback, any-local, link-local, fc00::/7) on the HTTP plugin code path in WebClientUtils, closing the denylist bypass. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
An issue was discovered in Appsmith before 1.52. Rated critical severity (CVSS 9.8), this vulnerability is remotely expl
Appsmith before 1.93 allows attackers to control the Origin header value used as the base URL in password reset and emai
Server-side JavaScript injection in Appsmith through 1.7.14 allows remote attackers to execute arbitrary JavaScript code
AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests to 169.254.169.254 to
Server-Side Request Forgery (SSRF) in GitHub repository appsmithorg/appsmith prior to 1.8.2. Rated medium severity (CVSS
Stored XSS in Appsmith's SQL query editor autocomplete allows an authenticated Developer-role user to inject persistent
Reverse-proxy takeover in Appsmith versions prior to 2.1 lets an authenticated low-privileged user abuse server-side req
Appsmith platform version 1.94 and below has a missing authorization vulnerability that allows unauthenticated access to
Appsmith platform prior to version 1.96 has a critical stored XSS enabling account takeover through crafted admin panel
Authenticated command execution in Appsmith versions prior to 2.1 lets any administrator run arbitrary OS commands insid
Appsmith v1.7.11 was discovered to allow attackers to execute an authenticated Server-Side Request Forgery (SSRF) via re
Appsmith versions prior to 1.98 allow unauthenticated remote attackers to access sensitive instance management API endpo
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-39111