CVE-2026-39383 | Gotenberg up to 8.30.x URL FilterDeadline Gotenberg-Webhook-Url server-side request forgery (GHSA-5vh4-rgv7-p9g4)

A vulnerability was found in Gotenberg up to 8.30.x and classified as critical. This impacts the function FilterDeadline of the component URL Handler. The manipulation of the argument Gotenberg-Webhook-Url results in server-side request forgery.

This vulnerability is known as CVE-2026-39383. It is possible to launch the attack remotely. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More