CVE-2026-41455
Received - Intake
Server-Side Request Forgery in WeKan Webhook Integration Allows Unauthorized Data Manipulation

Publication date: 2026-04-22

Last updated on: 2026-04-22

Assigner: VulnCheck

Description
WeKan before 8.35 contains a server-side request forgery vulnerability in webhook integration URL handling where the url schema field accepts any string without protocol restriction or destination validation. Attackers who can create or modify integrations can set webhook URLs to internal network addresses, causing the server to issue HTTP POST requests to attacker-controlled internal targets with full board event payloads, and can additionally exploit response handling to overwrite arbitrary comment text without authorization checks.
Meta Information
Published
2026-04-22
Last Modified
2026-04-22
Generated
2026-05-07
AI Q&A
2026-04-23
EPSS Evaluated
2026-05-05
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
wekan wekan all versions before 8.35 (8.35 excluded)
CWE
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability affects WeKan versions before 8.35 and is a server-side request forgery (SSRF, CWE-918) in the handling of webhook integration URLs.

The `url` field of the integration schema accepts any string: the scheme is not restricted to http or https, and the destination host is not checked against loopback, private or other internal address ranges.

The precondition is an authenticated account that is already allowed to create or modify an integration; the bug does not grant that access by itself. Such an account can point the webhook at an internal address.

Whenever a board event fires, the WeKan server issues an HTTP POST to that address carrying the full event payload. The attacker therefore reaches hosts that are only routable from the server, and receives board data in the request body if the target is a listener under their control.

The response handling for the webhook call can additionally be abused to overwrite arbitrary comment text without an authorization check.


Can you explain this vulnerability to me?

This vulnerability exists in Wekan versions before 8.35 and involves a server-side request forgery (SSRF) issue in the webhook integration URL handling.

The URL schema field accepts any string without restricting the protocol or validating the destination, allowing attackers who can create or modify integrations to set webhook URLs to internal network addresses.

As a result, the server can be tricked into issuing HTTP POST requests to internal targets controlled by the attacker, including sending full board event payloads.

Additionally, attackers can exploit the response handling to overwrite arbitrary comment text without authorization checks.


How can this vulnerability impact me? :

An attacker who already holds integration creation or modification rights can turn the WeKan server into a request proxy: every board event triggers an HTTP POST from the server to the address the attacker chose, including hosts that are reachable only from the server's network position (loopback services, private-range hosts, cloud metadata endpoints).

Because the POST carries the full board event payload, the same request also exfiltrates board content to a listener the attacker controls, and any internal service that accepts unauthenticated POSTs may act on the attacker-shaped request.

The response-handling flaw additionally lets the attacker overwrite arbitrary comment text without an authorization check, so board content can be altered or falsified.

Upgrade to WeKan 8.35 or later. Until then, review the URLs of all existing integrations, limit who may manage integrations, and restrict outbound connections from the WeKan host to the webhook endpoints it legitimately needs.
