PKSA-yx24-z15d-x2k7 Security Advisory
-
Server-side request forgery (SSRF) via unvalidated RSS feed URLs
PKSA-yx24-z15d-x2k7 CVE-2026-57232
Affected package: contao/core-bundle
Affected version: >=5.3.35,<5.3.48|>=5.4.0,<5.7.9
Reported by:
FriendsOfPHP/security-advisories