PT-2026-55058 · Bitnami · Appsmith
Published
2026-06-30
·
Updated
2026-06-30
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.99, the POST /api/v1/admin/send-test-email endpoint accepts attacker-controlled smtpHost and smtpPort values and establishes a raw JavaMail TCP connection without any IP validation. This completely bypasses WebClientUtils.IP CHECK FILTER, which only applies to Spring WebClient HTTP requests. Additionally, the raw MailException.getMessage() is returned verbatim in the API error response, enabling error-based internal port scanning and service banner enumeration. This vulnerability is fixed in 1.99.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Appsmith