CVE-2026-40168

Published: Apr 10, 2026Modified: Apr 14, 2026

8.2

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

Exploitability: 3.9 / Impact: 4.2

Source: security-advisories@github.com (Secondary)

Description

Postiz is an AI social media scheduling tool. Prior to 2.21.5, the /api/public/stream endpoint is vulnerable to SSRF. Although the application validates the initially supplied URL and blocks direct private/internal hosts, it does not re-validate the final destination after HTTP redirects. As a result, an attacker can supply a public HTTPS URL that passes validation and then redirects the server-side request to an internal resource.

Affected (1)

Products: Gitroom: Postiz

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Gitroom Postiz	Before 2.21.5

Related CWEs

Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

References (4)

https://github.com/gitroomhq/postiz-app/commit/30e8b777098157362769226d1b46d83ad616cb06

Source: security-advisories@github.com

Patch

https://github.com/gitroomhq/postiz-app/releases/tag/v2.21.5

Source: security-advisories@github.com

ProductRelease Notes

https://github.com/gitroomhq/postiz-app/security/advisories/GHSA-34w8-5j2v-h6ww

Source: security-advisories@github.com

ExploitMitigationVendor Advisory

https://github.com/gitroomhq/postiz-app/security/advisories/GHSA-34w8-5j2v-h6ww

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

ExploitMitigationVendor Advisory

Timeline

No history available yet.