
CVE-2026-27567: CWE-918: Server-Side Request Forgery (SSRF) in payloadcms payload

Severity: Medium
Published: Tue Feb 24 2026 (02/24/2026, 14:22:37 UTC)
Source: CVE Database V5
Vendor/Project: payloadcms
Product: payload

Description

Payload is a free and open source headless content management system. Prior to 3.75.0, a Server-Side Request Forgery (SSRF) vulnerability exists in Payload's external file upload functionality. When processing external URLs for file uploads, insufficient validation of HTTP redirects could allow an authenticated attacker to access internal network resources. The Payload environment must have at least one collection with `upload` enabled and a user who has `create` access to that upload-enabled collection in order to be vulnerable. An authenticated user with upload collection write permissions could potentially access internal services. Response content from internal services could be retrieved through the application. This vulnerability has been patched in v3.75.0. As a workaround, one may mitigate this vulnerability by disabling external file uploads via the `disableExternalFile` upload collection option, or by restricting `create` access on upload-enabled collections to trusted users only.

AI-Powered Analysis

Last updated: 02/24/2026, 15:02:03 UTC

Technical Analysis

Payload CMS is an open-source headless content management system that prior to version 3.75.0 contained a Server-Side Request Forgery (SSRF) vulnerability identified as CVE-2026-27567 (CWE-918). This vulnerability arises from insufficient validation of HTTP redirects when processing external URLs during file uploads. Specifically, if an authenticated user has create permissions on at least one collection with upload enabled, they can exploit this flaw to make the server perform HTTP requests to internal network resources that are otherwise inaccessible externally. The SSRF allows the attacker to retrieve response content from these internal services, potentially exposing sensitive internal data or enabling further attacks. The vulnerability does not require user interaction beyond authentication and appropriate permissions but does require that the Payload environment be configured with upload-enabled collections. The vulnerability was addressed in Payload CMS version 3.75.0. Workarounds include disabling external file uploads via the disableExternalFile option or restricting create access on upload-enabled collections to trusted users only. The CVSS v3.1 base score is 6.5, reflecting network attack vector, low attack complexity, high privileges required, no user interaction, unchanged scope, and high impact on confidentiality and integrity but no impact on availability.

Potential Impact

The SSRF vulnerability allows authenticated users with specific permissions to access internal network resources that are normally protected from external access. This can lead to unauthorized disclosure of sensitive internal information, such as internal APIs, metadata services, or other backend systems. The confidentiality and integrity of internal systems may be compromised, potentially enabling further lateral movement or privilege escalation within an organization's network. Although the vulnerability requires authentication and specific permissions, in environments where user access controls are lax or compromised accounts exist, the risk is significant. Organizations using vulnerable versions of Payload CMS with upload-enabled collections are at risk of internal network reconnaissance and data leakage. The impact is primarily on confidentiality and integrity, with no direct availability impact. Since Payload CMS is used worldwide, organizations running vulnerable versions in production environments face potential exposure until patched or mitigated.

Mitigation Recommendations

To mitigate this vulnerability, organizations should upgrade Payload CMS to version 3.75.0 or later, where the SSRF flaw is patched. If immediate upgrading is not feasible, administrators should disable external file uploads by setting the disableExternalFile option on upload-enabled collections to prevent processing of external URLs. Additionally, restrict create permissions on upload-enabled collections strictly to trusted and verified users to reduce the risk of exploitation. Implement network-level controls such as internal service segmentation and firewall rules to limit the Payload server's ability to access sensitive internal endpoints. Monitor logs for unusual upload activity or unexpected internal requests originating from the CMS server. Conduct regular audits of user permissions and review upload collection configurations to ensure adherence to the principle of least privilege. Finally, educate administrators and developers about the risks of SSRF and secure coding practices related to file uploads and URL handling.


Technical Details

Data Version: 5.2
Assigner Short Name: GitHub_M
Date Reserved: 2026-02-20T17:40:28.448Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 699db9f0be58cf853be5eca1

Added to database: 2/24/2026, 2:47:12 PM

Last enriched: 2/24/2026, 3:02:03 PM

Last updated: 2/24/2026, 11:39:54 PM

Views: 11
