Severity by source
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Lifecycle Timeline
6DescriptionGitHub Advisory
Postiz is an AI social media scheduling tool. Prior to version 2.21.3, the GET /public/stream endpoint in PublicController accepts a user-supplied url query parameter and proxies the full HTTP response back to the caller. The only validation is url.endsWith('mp4'), which is trivially bypassable by appending .mp4 as a query parameter value or URL fragment. The endpoint requires no authentication and has no SSRF protections, allowing an unauthenticated attacker to read responses from internal services, cloud metadata endpoints, and other network-internal resources. This issue has been patched in version 2.21.3.
AnalysisAI
Server-side request forgery in Postiz AI social media scheduling tool (versions < 2.21.3) allows unauthenticated remote attackers to read internal network resources and cloud metadata endpoints through the /public/stream proxy endpoint. The vulnerability bypasses trivial .mp4 validation via query parameters or URL fragments, enabling unauthorized access to internal services without authentication. No public exploit identified at time of analysis, but CVSS 8.6 reflects high confidentiality impact with network-level attack vector and low complexity. EPSS data not available, but the combination of no authentication requirement and cloud metadata access risk makes this a priority for organizations running Postiz in cloud environments.
Technical ContextAI
This is a classic Server-Side Request Forgery (CWE-918) vulnerability in Postiz's PublicController component. The /public/stream endpoint was designed to proxy video content (hence the .mp4 validation), but implements only suffix-based URL filtering that checks url.endsWith('mp4'). This validation is fundamentally flawed because HTTP URLs can contain arbitrary query strings (e.g., http://169.254.169.254/latest/meta-data?.mp4) or fragments (e.g., http://internal-service/admin#.mp4) that satisfy the suffix check while pointing to non-video resources. The endpoint acts as an open HTTP proxy, forwarding requests to attacker-controlled destinations and returning full responses. In cloud environments, this enables access to instance metadata services (AWS 169.254.169.254, GCP metadata.google.internal, Azure 169.254.169.254) which can expose credentials, API keys, and configuration data. The affected product per CPE data is gitroomhq:postiz-app versions prior to 2.21.3.
RemediationAI
Upgrade immediately to Postiz version 2.21.3 or later, which contains patches for the SSRF vulnerability. The patched release is available at https://github.com/gitroomhq/postiz-app/releases/tag/v2.21.3 and includes proper URL validation that prevents bypassing the .mp4 suffix check. If immediate patching is not possible, implement network-level controls as temporary mitigation: configure egress filtering to block the Postiz application server from accessing internal networks and cloud metadata endpoints (169.254.169.254, metadata.google.internal, etc.), and place the application behind a web application firewall with SSRF protection rules. Additionally, restrict access to the /public/stream endpoint at the network perimeter if the streaming functionality is not required for your deployment. Review application logs for suspicious requests to the /public/stream endpoint with unusual URL parameters to identify potential exploitation attempts. After patching, verify the fix by attempting to access internal resources through the endpoint to confirm proper validation is enforced.
More in Postiz App
View allPrivilege escalation to SUPERADMIN in Postiz (gitroomhq/postiz-app) versions prior to 2.21.8 allows any authenticated us
Postiz is an AI social media scheduling tool. From version 2.21.6 to before version 2.21.7, any authenticated user who c
Server-side request forgery (SSRF) in Postiz social media scheduling tool versions prior to 2.21.3 allows authenticated
Server-side request forgery in Postiz (gitroomhq postiz-app) versions prior to 2.21.5 allows unauthenticated remote atta
Business-logic authentication bypass in Postiz self-hosted AI social media scheduler (gitroomhq/postiz-app) before 2.21.
Postiz is an AI social media scheduling tool. From version 2.16.6 to before version 2.21.7, all SSRF protections added i
Server-side request forgery (SSRF) in Postiz prior to version 2.21.4 allows authenticated users to create webhooks point
Unauthenticated exploitation of Postiz's `/public/modify-subscription` endpoint allowed any caller in possession of a va
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-18448