CVE-2026-46393 | haxtheweb haxcms-nodejs/haxcms-php up to 25.x server-side request forgery (GHSA-q862-gcgq-5m6g)

A vulnerability classified as critical was found in haxtheweb haxcms-nodejs and haxcms-php up to 25.x. This vulnerability affects unknown code. Executing a manipulation can lead to server-side request forgery.

This vulnerability appears as CVE-2026-46393. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is advised.VulDB Recent EntriesRead More