PT-2026-30561 · Unknown · Kalcaddle Kodbox
Vulnplusbot
·
Published
2026-04-06
·
Updated
2026-04-06
·
CVE-2026-5618
CVSS v3.1
5.6
Medium
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
kalcaddle kodbox versions up to 1.64
Description
A server-side request forgery condition exists in the shareMake/shareCheck component of kalcaddle kodbox. Manipulation of the
siteFrom and siteTo arguments can trigger the issue. The attack is possible remotely and has a high complexity, with difficult exploitability. The exploit is publicly available.Recommendations
Update to a version beyond 1.64.
Exploit
Fix
SSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Kalcaddle Kodbox