CVE-2026-31955: CWE-918: Server-Side Request Forgery (SSRF) in xibosignage xibo-cms
CVE-2026-31955 is a Server-Side Request Forgery (SSRF) vulnerability in xibosignage's xibo-cms versions prior to 4. 4. 1. It affects authenticated users with DataSet permissions, allowing them to make arbitrary HTTP requests from the CMS server to internal or external network resources. This can be exploited to scan internal infrastructure, access cloud metadata endpoints such as AWS IMDS, interact with unauthenticated internal services, or exfiltrate data. The vulnerability requires specific privileges that are not granted to non-admin users by default. A fixed version, 4. 4. 1, is available and upgrading is necessary to remediate the issue. For users unable to upgrade immediately, revoking DataSet privileges from untrusted users is recommended.
AI Analysis
Technical Summary
Xibo-cms, an open source digital signage platform, contains an SSRF vulnerability (CWE-918) in versions before 4.4.1. Authenticated users with DataSet permissions can abuse this flaw to send arbitrary HTTP requests from the CMS server, potentially accessing internal network resources, cloud metadata services, or unauthenticated internal services. This vulnerability requires elevated privileges that are not standard for non-admin users. The vendor has released version 4.4.1 to address this issue. The product is cloud-hosted, so the vendor manages remediation for the cloud service. The CVSS 3.1 base score is 4.9, reflecting medium severity with high confidentiality impact but no integrity or availability impact.
Potential Impact
Exploitation allows an authenticated user with DataSet permissions to perform SSRF attacks from the CMS server. This can lead to unauthorized access to internal network resources, cloud metadata endpoints (e.g., AWS IMDS), and internal services lacking authentication. Confidentiality of sensitive information may be compromised. There is no impact on integrity or availability according to the CVSS vector. No known exploits in the wild have been reported.
Mitigation Recommendations
A fixed version 4.4.1 of xibo-cms is available and upgrading to this version is necessary to remediate the vulnerability. Since this is a cloud-hosted service, the vendor manages remediation for the cloud environment; users should verify with the vendor that their service instance is updated. For users unable to upgrade immediately, it is recommended to revoke DataSet privileges from users who are not fully trusted to prevent exploitation.
CVE-2026-31955: CWE-918: Server-Side Request Forgery (SSRF) in xibosignage xibo-cms
Description
CVE-2026-31955 is a Server-Side Request Forgery (SSRF) vulnerability in xibosignage's xibo-cms versions prior to 4. 4. 1. It affects authenticated users with DataSet permissions, allowing them to make arbitrary HTTP requests from the CMS server to internal or external network resources. This can be exploited to scan internal infrastructure, access cloud metadata endpoints such as AWS IMDS, interact with unauthenticated internal services, or exfiltrate data. The vulnerability requires specific privileges that are not granted to non-admin users by default. A fixed version, 4. 4. 1, is available and upgrading is necessary to remediate the issue. For users unable to upgrade immediately, revoking DataSet privileges from untrusted users is recommended.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Xibo-cms, an open source digital signage platform, contains an SSRF vulnerability (CWE-918) in versions before 4.4.1. Authenticated users with DataSet permissions can abuse this flaw to send arbitrary HTTP requests from the CMS server, potentially accessing internal network resources, cloud metadata services, or unauthenticated internal services. This vulnerability requires elevated privileges that are not standard for non-admin users. The vendor has released version 4.4.1 to address this issue. The product is cloud-hosted, so the vendor manages remediation for the cloud service. The CVSS 3.1 base score is 4.9, reflecting medium severity with high confidentiality impact but no integrity or availability impact.
Potential Impact
Exploitation allows an authenticated user with DataSet permissions to perform SSRF attacks from the CMS server. This can lead to unauthorized access to internal network resources, cloud metadata endpoints (e.g., AWS IMDS), and internal services lacking authentication. Confidentiality of sensitive information may be compromised. There is no impact on integrity or availability according to the CVSS vector. No known exploits in the wild have been reported.
Mitigation Recommendations
A fixed version 4.4.1 of xibo-cms is available and upgrading to this version is necessary to remediate the vulnerability. Since this is a cloud-hosted service, the vendor manages remediation for the cloud environment; users should verify with the vendor that their service instance is updated. For users unable to upgrade immediately, it is recommended to revoke DataSet privileges from users who are not fully trusted to prevent exploitation.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-03-10T15:10:10.658Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Is Cloud Service
- true
Threat ID: 69eac1fc87115cfb688c86e0
Added to database: 4/24/2026, 1:06:04 AM
Last enriched: 4/24/2026, 1:21:39 AM
Last updated: 4/24/2026, 3:12:03 AM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.