Lucene search
+L

6 matches found

OSV
OSV
added 2026/04/01 9:36 p.m.1 views

GHSA-P6MR-XF3R-GHQ4 Payload has a CSRF Protection Bypass in Authentication Flow

Impact A Cross-Site Request Forgery CSRF vulnerability existed in the authentication flow. Under certain conditions, the configured CSRF protection could be bypassed, allowing cross-site requests to be made. Consumers are affected if ALL of these are true: - Payload version v3.79.1 - serverURL is...

5.4CVSS5.7AI score0.00129EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/04/01 9:25 p.m.8 views

Payload has Authenticated SSRF via Upload Functionality

Impact An authenticated Server-Side Request Forgery SSRF vulnerability existed in the upload functionality. Authenticated users with create or update access to an upload-enabled collection could cause the server to make outbound HTTP requests to arbitrary URLs. Consumers are affected if ALL of...

7.7CVSS5.9AI score0.00296EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/04/01 9:25 p.m.15 views

GHSA-6R7F-Q7F5-WPX8 Payload has Authenticated SSRF via Upload Functionality

Impact An authenticated Server-Side Request Forgery SSRF vulnerability existed in the upload functionality. Authenticated users with create or update access to an upload-enabled collection could cause the server to make outbound HTTP requests to arbitrary URLs. Consumers are affected if ALL of...

7.7CVSS5.9AI score0.00296EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2026/02/24 8:10 p.m.9 views

@01.software/sdk (>=0.0.1-251008.90016 <=0.1.4), @adenta/cms (>=0.0.6 <=1.1.1-0) +32 more potentially affected by CVE-2026-27567 via payload (>=3.0.0-alpha.46 <=3.75.0-internal.8e0f8ba)

payload NPM version =3.0.0-alpha.46, =0.0.1-251008.90016, =0.0.6, =0.0.3, =1.0.1-beta.0, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =3.64.0, =0.0.1-beta.0, =0.2.0, =0.2.14 - @remy90/payload-conditions-plugin =0.2.2 and more Source cves: CVE-2026-27567 Source advisory: SNYK:JS-PAYLOAD-15344407...

6.5CVSS5.8AI score0.00288EPSS
Exploits0
NVD
NVD
added 2026/02/24 3:21 p.m.15 views

CVE-2026-27567

Payload is a free and open source headless content management system. Prior to 3.75.0, a Server-Side Request Forgery SSRF vulnerability exists in Payload's external file upload functionality. When processing external URLs for file uploads, insufficient validation of HTTP redirects could allow an...

6.5CVSS0.00288EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/29 10:1 a.m.7 views

CVE-2025-4643 Lack of JWT Expiration after Log Out in PayloadCMS

Payload uses JSON Web Tokens JWT for authentication. After log out JWT is not invalidated, which allows an attacker who has stolen or intercepted token to freely reuse it until expiration date which is by default set to 2 hours, but can be changed. This issue has been fixed in version 3.44.0 of...

6.3CVSS6.4AI score0.00484EPSS
Exploits0References3
Rows per page
Query Builder