EUVD-2026-16629
GHSA-xmm3-9x39-98r5
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4Description
A weakness has been identified in mingSoft MCMS 迄 5.5.0. This issue affects the function catchImage of the file net/mingsoft/cms/action/BaseAction.java of the component Editor Endpoint. Executing a manipulation of the argument catchimage can lead to server-side request forgery. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.
Analysis
Server-side request forgery in mingSoft MCMS versions through 5.5.0 enables remote unauthenticated attackers to force the application server to make arbitrary HTTP requests to internal or external systems via the catchimage parameter in the Editor Endpoint's catchImage function. Publicly available exploit code exists (GitHub POC published), increasing immediate risk. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify and inventory all mingSoft MCMS deployments running version 5.5.0 or earlier; implement network segmentation to restrict outbound HTTP/HTTPS from MCMS servers and disable or restrict access to the Editor Endpoint's catchImage function if operationally feasible. Within 7 days: Apply input validation and WAF rules to reject suspicious catchimage parameter values; conduct network traffic analysis to detect anomalous outbound requests from MCMS servers. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today