PT-2026-30854 · Papra · Papra
Toothless5143 · Published 2026-04-07 · Updated 2026-04-07 · CVE-2026-35461
CVSS v3.1: 5.0 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Papra versions prior to 26.4.0
Description
The Papra webhook system allows authenticated users to register arbitrary URLs as webhook endpoints without validation. The server sends HTTP POST requests to these registered URLs, which can include localhost, internal network addresses, and cloud provider metadata endpoints, whenever a document event occurs.
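One way to implement the destination check whose absence is described above, shown as an added example (it is not Papra's code and not the 26.4.0 fix). The names `vet_webhook_url`, `is_public`, `WebhookUrlRejected` and the injectable `resolver` parameter are hypothetical.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


class WebhookUrlRejected(ValueError):
    """Hypothetical error type: the URL must not be registered or called."""


def system_resolver(host, port):
    """Resolve with the OS resolver so odd literals (e.g. decimal IPs) are normalised."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return [info[4][0] for info in infos]


def is_public(ip_text):
    """True only for globally routable unicast addresses."""
    ip = ipaddress.ip_address(ip_text.split("%")[0])  # drop any IPv6 zone id
    mapped = getattr(ip, "ipv4_mapped", None)
    if mapped is not None:  # judge ::ffff:127.0.0.1 as 127.0.0.1
        ip = mapped
    # is_global excludes loopback, RFC 1918, link-local (169.254.0.0/16), ULA, etc.
    return ip.is_global and not ip.is_multicast


def vet_webhook_url(url, resolver=system_resolver):
    """Return (host, port, vetted_ips) or raise WebhookUrlRejected."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise WebhookUrlRejected(f"scheme not allowed: {parts.scheme!r}")
    if parts.username or parts.password or not parts.hostname:
        raise WebhookUrlRejected("missing host or embedded credentials")
    port = parts.port or (443 if parts.scheme == "https" else 80)
    try:
        ips = resolver(parts.hostname, port)
    except OSError as exc:
        raise WebhookUrlRejected("host does not resolve") from exc
    # Reject if ANY resolved address is internal: a mixed answer is a
    # common way to slip a private target past a first-record check.
    blocked = [ip for ip in ips if not is_public(ip)]
    if not ips or blocked:
        raise WebhookUrlRejected(f"non-public destination: {blocked or 'none'}")
    return parts.hostname, port, ips
```

Run the check at delivery time as well as at registration, and connect to one of the returned vetted addresses instead of resolving the name again, since DNS answers can change between the two steps. HTTP redirects from the endpoint need the same check or should not be followed.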
Recommendations
Update to version 26.4.0 or later.
Exploit
Fix
SSRF
Weakness Enumeration
Related Identifiers
Affected Products
Papra