PatchSiren cyber security CVE debrief
CVE-2026-43936 e107inc CVE debrief
A Server-Side Request Forgery (SSRF) vulnerability exists in e107 CMS versions prior to 2.3.4. It is located in the Media Manager's 'From a remote location' feature, specifically the 'Image/File URL:' input field. An authenticated administrator can enter a URL that points at an internal or loopback resource, and the server fetches it, which lets the attacker reach services bound to localhost or the internal network that are not exposed externally. The CVSS 3.1 score of 4.3 (Medium) reflects that the attacker must already hold an authenticated account with Media Manager access and that the impact is limited to confidentiality. The vulnerability was disclosed on 2026-05-26 and fixed in version 2.3.4. Two commits address the issue, and a GitHub Security Advisory provides additional technical details.
- Vendor
- e107inc
- Product
- e107
- CVSS
- MEDIUM 4.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-05-26
- Original CVE updated
- 2026-05-26
- Advisory published
- 2026-05-26
- Advisory updated
- 2026-05-26
Who should care
Organizations running e107 CMS versions prior to 2.3.4, particularly those with administrative users who have Media Manager access. Security teams concerned with SSRF attack vectors and internal network exposure. Hosting providers and managed service providers supporting e107 deployments.
Technical summary
The e107 CMS Media Manager component contains an SSRF vulnerability in the 'From a remote location' feature. The 'Image/File URL:' field accepts arbitrary URLs without adequate validation, so an authenticated administrator can make the server issue requests to internal or loopback addresses. This exposes internal services and resources that should not be reachable from outside the network. The CVSS vector scores privileges required as Low (PR:L) and attack complexity as Low, even though the affected field sits in an administrator-only feature, so the practical precondition is an admin session rather than an unauthenticated foothold. Remediation is available in version 2.3.4 through the two commits referenced in the advisory.
Defensive priority
medium
Recommended defensive actions
- Upgrade e107 CMS to version 2.3.4 or later to remediate this vulnerability
- Review Media Manager access controls and restrict administrative privileges to trusted personnel only
- Implement network segmentation to limit internal resource exposure from web application servers
- Monitor server logs for unusual outbound requests originating from the e107 application
- Validate URL inputs in file upload/import features: restrict the scheme to http/https, resolve the hostname and reject private, loopback, link-local and cloud-metadata addresses, and apply the same checks to every redirect target rather than only to the first URL
- Consider an allowlist of permitted remote hosts for remote file fetching features, which is simpler to reason about than a denylist of internal ranges
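The two list items above describe the checks a remote-fetch feature needs but do not show how they fit together. The following is an added example written for this debrief, not code from e107 or from the fixing commits. It validates a user-supplied fetch URL the way a hardened 'From a remote location' handler should: scheme and port allowlist, no embedded credentials, IP literals checked without DNS, hostnames resolved and every returned address required to be globally routable, and the resolved address returned so the caller can connect to it directly instead of resolving a second time. The `CONSTRUCTED_DNS` table and `table_resolver` are test fixtures with made-up records so the example runs offline; the port allowlist of 80 and 443 is an assumption about what the feature needs.

```python
"""SSRF guard for a 'fetch file from remote URL' feature (added example, not e107 code)."""
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {80, 443}  # assumption: the feature only needs standard web ports

# Constructed DNS records for offline demonstration; not real lookups.
CONSTRUCTED_DNS = {
    "example.com": ["93.184.216.34"],
    "localhost": ["127.0.0.1"],
    "rebind.test": ["93.184.216.34", "10.0.0.5"],  # one public, one private answer
    "v6map.test": ["::ffff:10.0.0.7"],             # IPv4-mapped IPv6 hiding a private IPv4
}


def table_resolver(host):
    """Offline resolver backed by the constructed table above."""
    return CONSTRUCTED_DNS.get(host.lower(), [])


def system_resolver(host):
    """Resolve every A/AAAA record for host using the OS resolver."""
    try:
        infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def is_public_address(text):
    """True only for a globally routable unicast address.

    IPv4-mapped IPv6 addresses are unwrapped first so ::ffff:10.0.0.7 is judged
    as 10.0.0.7. is_global is False for loopback, RFC 1918, link-local
    (including the 169.254.169.254 metadata endpoint), CGNAT and unspecified.
    """
    addr = ipaddress.ip_address(text)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return addr.is_global and not addr.is_multicast


def check_remote_url(url, resolver=system_resolver):
    """Validate a user-supplied fetch URL.

    Returns (allowed, reason, pinned_ip). On success the caller should connect
    to pinned_ip with the original Host header rather than resolving again,
    which closes the DNS-rebinding window between check and use.
    """
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        return False, f"scheme not allowed: {parts.scheme!r}", None
    if parts.username is not None or parts.password is not None:
        return False, "credentials embedded in URL", None
    host = parts.hostname
    if not host:
        return False, "missing host", None
    try:
        port = parts.port
    except ValueError:
        return False, "invalid port", None
    if port is None:
        port = 443 if scheme == "https" else 80
    if port not in ALLOWED_PORTS:
        return False, f"port not allowed: {port}", None

    # An IP literal is checked as-is; anything else (including odd spellings
    # such as a bare decimal like 2130706433 that ipaddress rejects) goes
    # through the resolver, and whatever the resolver returns gets the same test.
    try:
        ipaddress.ip_address(host)
        addrs = [host]
    except ValueError:
        addrs = resolver(host)
    if not addrs:
        return False, f"unresolvable host: {host!r}", None
    # Reject if ANY answer is non-public; a mixed answer set is a rebinding setup.
    bad = [a for a in addrs if not is_public_address(a)]
    if bad:
        return False, f"resolves to non-public address: {bad[0]}", None
    return True, "ok", addrs[0]


if __name__ == "__main__":
    samples = [
        "http://example.com/logo.png",
        "http://127.0.0.1:80/",
        "http://[::1]/",
        "http://169.254.169.254/latest/meta-data/",
        "http://localhost/admin",
        "http://rebind.test/x.jpg",
        "http://v6map.test/x.jpg",
        "file:///etc/passwd",
        "http://user:pw@example.com/",
        "http://example.com:8080/",
    ]
    for u in samples:
        allowed, reason, pinned = check_remote_url(u, table_resolver)
        print(f"{'ALLOW' if allowed else 'DENY ':5} {u:45} {reason} {pinned or ''}")
```

Two caveats the function cannot cover on its own. First, the fetch itself must not auto-follow redirects: each `Location` target has to go back through `check_remote_url`, otherwise a public host that 302s to `http://127.0.0.1/` bypasses everything. Second, if the transport layer resolves the hostname again instead of using `pinned_ip`, an attacker-controlled DNS name with a short TTL can answer public at check time and private at connect time; for HTTPS that means connecting to the pinned address while still sending the original hostname as SNI and verifying the certificate against it.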
Evidence notes
Vulnerability description confirms SSRF via Media Manager remote file URL field. CVSS vector AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N indicates network attack vector, low attack complexity, low privileges required, no user interaction, unchanged scope, and low confidentiality impact. CWE-918 (Server-Side Request Forgery) assigned. Fix version 2.3.4 explicitly stated. Two GitHub commits (40b2d111, 5f98cc9f) and GitHub Security Advisory GHSA-92fr-7h4f-22pp provide remediation evidence.
Official resources
2026-05-26