CVE-2026-42141: CWE-918: Server-Side Request Forgery (SSRF) in xibosignage xibo-cms
Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to 4.4.1, an authenticated Server-Side Request Forgery (SSRF) vulnerability in the Xibo CMS allows users with Library upload permissions to make arbitrary HTTP requests from the CMS server to internal or external network resources. This can be exploited to scan internal infrastructure, access local cloud metadata endpoints (e.g., AWS IMDS), interact with internal services that lack authentication, or exfiltrate data. This vulnerability is fixed in 4.4.1.
AI Analysis
Technical Summary
CVE-2026-42141 is a CWE-918 SSRF vulnerability affecting xibo-cms before version 4.4.1. It allows authenticated users with specific permissions to induce the server to send crafted HTTP requests to arbitrary locations, potentially exposing internal network resources or sensitive metadata endpoints. The vulnerability has a CVSS 3.1 base score of 7.7 (high severity), reflecting network attack vector, low attack complexity, required privileges, no user interaction, scope change, and high confidentiality impact. The vendor has released version 4.4.1 which addresses this issue. The product is a cloud-hosted service, so the vendor manages remediation on the server side.
Potential Impact
Exploitation allows an authenticated user with Library upload permissions to perform SSRF attacks from the CMS server, potentially leading to internal network scanning, unauthorized access to cloud metadata services (e.g., AWS IMDS), interaction with internal unauthenticated services, and exfiltration of sensitive data. Confidentiality is impacted, but integrity and availability are not directly affected according to the CVSS vector. No known exploits in the wild have been reported.
Mitigation Recommendations
Upgrade xibo-cms to version 4.4.1 or later, where this SSRF vulnerability is fixed. Since this is a cloud-hosted service, the vendor manages remediation on the server side; verify with the vendor advisory that your instance is updated. No additional mitigation actions are indicated by the vendor advisory.
CVE-2026-42141: CWE-918: Server-Side Request Forgery (SSRF) in xibosignage xibo-cms
Description
Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to 4.4.1, an authenticated Server-Side Request Forgery (SSRF) vulnerability in the Xibo CMS allows users with Library upload permissions to make arbitrary HTTP requests from the CMS server to internal or external network resources. This can be exploited to scan internal infrastructure, access local cloud metadata endpoints (e.g., AWS IMDS), interact with internal services that lack authentication, or exfiltrate data. This vulnerability is fixed in 4.4.1.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-42141 is a CWE-918 SSRF vulnerability affecting xibo-cms before version 4.4.1. It allows authenticated users with specific permissions to induce the server to send crafted HTTP requests to arbitrary locations, potentially exposing internal network resources or sensitive metadata endpoints. The vulnerability has a CVSS 3.1 base score of 7.7 (high severity), reflecting network attack vector, low attack complexity, required privileges, no user interaction, scope change, and high confidentiality impact. The vendor has released version 4.4.1 which addresses this issue. The product is a cloud-hosted service, so the vendor manages remediation on the server side.
Potential Impact
Exploitation allows an authenticated user with Library upload permissions to perform SSRF attacks from the CMS server, potentially leading to internal network scanning, unauthorized access to cloud metadata services (e.g., AWS IMDS), interaction with internal unauthenticated services, and exfiltration of sensitive data. Confidentiality is impacted, but integrity and availability are not directly affected according to the CVSS vector. No known exploits in the wild have been reported.
Mitigation Recommendations
Upgrade xibo-cms to version 4.4.1 or later, where this SSRF vulnerability is fixed. Since this is a cloud-hosted service, the vendor manages remediation on the server side; verify with the vendor advisory that your instance is updated. No additional mitigation actions are indicated by the vendor advisory.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-04-24T17:15:21.834Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Is Cloud Service
- true
Threat ID: 6a036562cbff5d861008cc5a
Added to database: 5/12/2026, 5:37:38 PM
Last enriched: 5/12/2026, 6:08:40 PM
Last updated: 5/13/2026, 4:52:19 AM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.