CVE-2026-42346 | gitroomhq postiz-app up to 2.21.6 isSafePublicHttpsUrl server-side request forgery (GHSA-f7jj-p389-4w45)

A vulnerability was found in gitroomhq postiz-app up to 2.21.6 and classified as critical. Affected is the function isSafePublicHttpsUrl. The manipulation results in server-side request forgery.

This vulnerability is cataloged as CVE-2026-42346. The attack may be launched remotely. There is no exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More