CVE-2026-4623 | DefaultFuction Jeson-Customer-Relationship-Management-System up to 1b4679c4d06b90d31dd521c2b000bfdec5a36e00 API Module /api/System.php url server-side request forgery

A vulnerability has been found in DefaultFuction Jeson-Customer-Relationship-Management-System up to 1b4679c4d06b90d31dd521c2b000bfdec5a36e00 and classified as critical. This affects an unknown function of the file /api/System.php of the component API Module. The manipulation of the argument url leads to server-side request forgery.

This vulnerability is documented as CVE-2026-4623. The attack can be initiated remotely. Additionally, an exploit exists.

Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. It is suggested to install a patch to address this issue.VulDB Recent EntriesRead More