Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.9 views

CVE-2026-42140

PlantUML Macro is a macro for rendering UML diagrams from simple textual schemes. Prior to version 2.4.1, the PlantUML Macro is vulnerable to Server-Side Request Forgery SSRF. The macro allows users to specify an alternative PlantUML server via the server parameter. However, the application does...

4.4CVSS5.4AI score0.00151EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/05 7:32 p.m.8 views

EUVD-2026-27073

XWiki PlantUML Macro Vulnerable to Server-Side Request Forgery SSRF via 'server' parameter...

4.4CVSS5.8AI score0.00151EPSS
Exploits0References4
OSV
OSV
added 2026/05/05 7:32 p.m.4 views

GHSA-42FC-7W97-8VRC XWiki PlantUML Macro Vulnerable to Server-Side Request Forgery (SSRF) via 'server' parameter

Impact The PlantUML Macro is vulnerable to Server-Side Request Forgery SSRF. The macro allows users to specify an alternative PlantUML server via the server parameter. However, the application does not validate the supplied URL. An attacker can supply an internal IP address or a malicious externa...

4.4CVSS5.9AI score0.00151EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/05/05 7:32 p.m.13 views

XWiki PlantUML Macro Vulnerable to Server-Side Request Forgery (SSRF) via 'server' parameter

Impact The PlantUML Macro is vulnerable to Server-Side Request Forgery SSRF. The macro allows users to specify an alternative PlantUML server via the server parameter. However, the application does not validate the supplied URL. An attacker can supply an internal IP address or a malicious externa...

4.4CVSS5.9AI score0.00151EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/05/04 6:16 p.m.8 views

CVE-2026-42140

PlantUML Macro is a macro for rendering UML diagrams from simple textual schemes. Prior to version 2.4.1, the PlantUML Macro is vulnerable to Server-Side Request Forgery SSRF. The macro allows users to specify an alternative PlantUML server via the server parameter. However, the application does...

4.4CVSS0.00151EPSS
Exploits0References3
CVE
CVE
added 2026/05/04 5:37 p.m.13 views

CVE-2026-42140

The CVE covers the PlantUML Macro used in XWiki, where the vulnerability lies in the server parameter not being validated. Prior to version 2.4.1, an attacker can supply an arbitrary URL (including internal addresses) to the server parameter, causing the XWiki server to attempt to connect for ren...

4.4CVSS5.8AI score0.00151EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/04 5:37 p.m.6 views

CVE-2026-42140

PlantUML Macro is a macro for rendering UML diagrams from simple textual schemes. Prior to version 2.4.1, the PlantUML Macro is vulnerable to Server-Side Request Forgery SSRF. The macro allows users to specify an alternative PlantUML server via the server parameter. However, the application does...

4.4CVSS5.8AI score0.00151EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/04 5:37 p.m.35 views

CVE-2026-42140 Server-Side Request Forgery (SSRF) in PlantUML Macro via 'server' parameter

PlantUML Macro is a macro for rendering UML diagrams from simple textual schemes. Prior to version 2.4.1, the PlantUML Macro is vulnerable to Server-Side Request Forgery SSRF. The macro allows users to specify an alternative PlantUML server via the server parameter. However, the application does...

4.4CVSS0.00151EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/04 5:37 p.m.5 views

CVE-2026-42140 Server-Side Request Forgery (SSRF) in PlantUML Macro via 'server' parameter

PlantUML Macro is a macro for rendering UML diagrams from simple textual schemes. Prior to version 2.4.1, the PlantUML Macro is vulnerable to Server-Side Request Forgery SSRF. The macro allows users to specify an alternative PlantUML server via the server parameter. However, the application does...

4.4CVSS5.8AI score0.00151EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.9 views

PlantUML Macro 代码问题漏洞

PlantUML Macro is an open-source tool developed by XWiki Contrib that generates chart images from textual definitions. Versions of PlantUML Macro prior to 2.4.1 had code vulnerabilities; these vulnerabilities stemmed from the lack of validation of the URLs provided by server parameters, which cou...

4.4CVSS5.9AI score0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.8 views

PT-2026-36886

Name of the Vulnerable Software and Affected Versions PlantUML Macro versions prior to 2.4.1 Description PlantUML Macro, used for rendering UML diagrams from textual schemes, contains a Server-Side Request Forgery SSRF flaw. The application fails to validate the URL provided through the server...

4.4CVSS5.8AI score0.00151EPSS
Exploits0References8
Rows per page
Query Builder