CVE-2026-2556 | cskefu up to 8.0.1 Endpoint MediaController.java url server-side request forgery

A vulnerability classified as critical has been found in cskefu up to 8.0.1. This issue affects some unknown processing of the file com/cskefu/cc/controller/resource/MediaController.java of the component Endpoint. The manipulation of the argument url leads to server-side request forgery.

This vulnerability is listed as CVE-2026-2556. The attack may be initiated remotely. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More