Description
A weakness has been identified in mingSoft MCMS up to 5.5.0. This issue affects the function catchImage of the file net/mingsoft/cms/action/BaseAction.java of the component Editor Endpoint. Executing a manipulation of the argument catchimage can lead to server-side request forgery. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.
Published: 2026-03-27
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Server-Side Request Forgery
Action: Immediate Patch
AI Analysis

Impact

A flaw in the catchImage method of MingSoft MCMS allows an attacker to supply a manipulated parameter that causes the application to perform arbitrary outbound HTTP requests. This can lead the vulnerable server to reach internal or external resources, potentially exfiltrating data or interacting with other services without authorization. The weakness falls under CWE-918 and is rated as a Medium severity issue with a base score of 6.9.

Affected Systems

The vulnerability exists in all MingSoft MCMS installations running version 5.5.0 or earlier, specifically within the Editor Endpoint component implemented in BaseAction.java. Any deployment that has not upgraded beyond this version remains susceptible unless the catchImage endpoint has been disabled or otherwise restricted.

Risk and Exploitability

The moderate score indicates a non-zero risk, while the lack of an EPSS value means current exploit probability data is unavailable. The attack can be executed remotely by sending crafted input to the catchImage parameter, and the vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog. Without remediation, an attacker can trigger the server to contact arbitrary URLs, potentially exposing internal services or leaking sensitive data.

Generated by OpenCVE AI on March 28, 2026 at 05:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor-issued patch or upgrade MingSoft MCMS to a version newer than 5.5.0 that removes the vulnerable catchImage functionality.
  • If an immediate upgrade is not feasible, restrict outbound traffic from the affected server or disable the catchImage endpoint altogether.
  • Validate and sanitize any user-supplied URLs before the application attempts to retrieve images to prevent unintended network requests.
  • Monitor application logs for unexpected outbound requests originating from the catchImage feature.
  • Check the vendor's website and security advisories regularly for updates or additional mitigation guidance.
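The third action above (validate user-supplied URLs before the server fetches an image) is the kind of check a remote-image-catching endpoint needs. The guard below is an added example and is not MingSoft's code; the class and method names are hypothetical, and it assumes the application only ever needs to fetch images over plain web ports.

```java
import java.net.Inet6Address;
import java.net.InetAddress;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.UnknownHostException;
import java.util.Set;

// Added example (hypothetical names, not MCMS code): pre-fetch guard for a
// "catch remote image" feature, applied before any outbound request is made.
public final class RemoteImageUrlGuard {
    private static final Set<String> ALLOWED_SCHEMES = Set.of("http", "https");

    // Returns true only if the server may safely fetch this user-supplied URL.
    public static boolean isSafeToFetch(String raw) {
        final URI uri;
        try {
            uri = new URI(raw).normalize();
        } catch (URISyntaxException e) {
            return false;
        }
        String scheme = uri.getScheme();
        String host = uri.getHost();
        // Rejects file:, gopher:, dict:, jar: and scheme-less or host-less input.
        if (scheme == null || host == null || !ALLOWED_SCHEMES.contains(scheme.toLowerCase())) {
            return false;
        }
        // "http://cdn.example@10.0.0.1/" parses with 10.0.0.1 as the real host.
        if (uri.getUserInfo() != null) {
            return false;
        }
        // Only ordinary web ports, so the endpoint cannot probe internal admin services.
        int port = uri.getPort();
        if (port != -1 && port != 80 && port != 443) {
            return false;
        }
        // Resolve, then check every address: catches 127.1, 0x7f000001, decimal IPs
        // and hostnames whose DNS records point into the internal network.
        try {
            for (InetAddress addr : InetAddress.getAllByName(host)) {
                if (isInternal(addr)) {
                    return false;
                }
            }
        } catch (UnknownHostException e) {
            return false;
        }
        return true;
    }

    static boolean isInternal(InetAddress addr) {
        boolean ula = addr instanceof Inet6Address && (addr.getAddress()[0] & 0xfe) == 0xfc; // fc00::/7
        return addr.isLoopbackAddress() || addr.isSiteLocalAddress() || addr.isLinkLocalAddress()
                || addr.isAnyLocalAddress() || addr.isMulticastAddress() || ula;
    }
}
```

The HTTP client that performs the fetch must also have redirect following disabled (or re-run this guard on every hop), otherwise an approved URL can bounce to an internal one. Because the client resolves the hostname again, pin the connection to the address validated here where the client allows it.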

Advisories

No advisories yet.

History

Mon, 30 Mar 2026 12:15:00 +0000

Type: Metrics (ssvc)
  Values Added: {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sat, 28 Mar 2026 03:15:00 +0000

Type: Description
  Values Removed: A weakness has been identified in mingSoft MCMS 迄 5.5.0. This issue affects the function catchImage of the file net/mingsoft/cms/action/BaseAction.java of the component Editor Endpoint. Executing a manipulation of the argument catchimage can lead to server-side request forgery. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.
  Values Added: A weakness has been identified in mingSoft MCMS up to 5.5.0. This issue affects the function catchImage of the file net/mingsoft/cms/action/BaseAction.java of the component Editor Endpoint. Executing a manipulation of the argument catchimage can lead to server-side request forgery. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.
Type: Title
  Values Removed: mingSoft MCMS Editor Endpoint BaseAction.java catchImage privilege escalation
  Values Added: mingSoft MCMS Editor Endpoint BaseAction.java catchImage server-side request forgery

Fri, 27 Mar 2026 14:30:00 +0000

Type: Description
  Values Added: A weakness has been identified in mingSoft MCMS 迄 5.5.0. This issue affects the function catchImage of the file net/mingsoft/cms/action/BaseAction.java of the component Editor Endpoint. Executing a manipulation of the argument catchimage can lead to server-side request forgery. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.
Type: Title
  Values Added: mingSoft MCMS Editor Endpoint BaseAction.java catchImage privilege escalation
Type: First Time appeared
  Values Added: Mingsoft; Mingsoft mcms
Type: Weaknesses
  Values Added: CWE-918
Type: CPEs
  Values Added: cpe:2.3:a:mingsoft:mcms:*:*:*:*:*:*:*:*
Type: Vendors & Products
  Values Added: Mingsoft; Mingsoft mcms
Type: References
Type: Metrics
  Values Added:
    cvssV2_0: {'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
    cvssV3_0: {'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
    cvssV3_1: {'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
    cvssV4_0: {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-30T12:05:18.706Z

Reserved: 2026-03-27T07:53:19.014Z

Link: CVE-2026-4953

Vulnrichment

Updated: 2026-03-30T12:05:14.898Z

NVD

Status : Awaiting Analysis

Published: 2026-03-27T15:17:02.060

Modified: 2026-03-30T13:26:29.793

Link: CVE-2026-4953

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-30T07:01:51Z

Weaknesses