CVE-2026-46393

CVE-2026-46393

HAX CMS helps manage microsite universe with PHP or NodeJs backends. An authenticated Server-Side Request Forgery (SSRF) vulnerability in versions prior to 26.0.0 allows authenticated users to fetch arbitrary internal or local resources an…

Vulnerability class: SSRF (Server-Side Request Forgery)

Weakness classification (CWE)

References