erzhongxmu JEEWMS UEditor getRemoteImage.jsp server-side request forgery

A vulnerability has been found in erzhongxmu JEEWMS 3.7. Affected by this issue is some unknown functionality of the file /plug-in/ueditor/jsp/getRemoteImage.jsp of the component UEditor. The manipulation of the argument upfile leads to server-side request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Problem type

Server-Side Request Forgery

Affected products

erzhongxmu

JEEWMS

3.7 - AFFECTED

References

VDB-347382 | erzhongxmu JEEWMS UEditor getRemoteImage.jsp server-side request forgery

https://vuldb.com/?id.347382

vdb-entrytechnical-description

VDB-347382 | CTI Indicators (IOB, IOC, IOA)

https://vuldb.com/?ctiid.347382

signaturepermissions-required

Submit #756522 | erzhongxmu JEEWMS ≤3.7 Server-Side Request Forgery

https://vuldb.com/?submit.756522

third-party-advisory

notion.so

https://www.notion.so/JEEWMS-SSRF-Vulnerability-in-UEditor-Module-304ea92a3c41806782b1f7285ab0d580

exploit

GitHub Security Advisories

GHSA-6235-7hp8-952p

A vulnerability has been found in erzhongxmu JEEWMS 3.7. Affected by this issue is some unknown...

https://github.com/advisories/GHSA-6235-7hp8-952p

nvd.nist.gov

https://nvd.nist.gov/vuln/detail/CVE-2026-3026

vuldb.com

https://vuldb.com/?ctiid.347382

vuldb.com

https://vuldb.com/?id.347382

vuldb.com

https://vuldb.com/?submit.756522

notion.so

https://www.notion.so/JEEWMS-SSRF-Vulnerability-in-UEditor-Module-304ea92a3c41806782b1f7285ab0d580

github.com

https://github.com/advisories/GHSA-6235-7hp8-952p

JSON source

https://cveawg.mitre.org/api/cve/CVE-2026-3026

Click to expand

{
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "cveMetadata": {
    "cveId": "CVE-2026-3026",
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "dateUpdated": "2026-02-23T20:02:09.909Z",
    "dateReserved": "2026-02-23T14:05:13.898Z",
    "datePublished": "2026-02-23T20:02:09.909Z",
    "state": "PUBLISHED"
  },
  "containers": {
    "cna": {
      "providerMetadata": {
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB",
        "dateUpdated": "2026-02-23T20:02:09.909Z"
      },
      "title": "erzhongxmu JEEWMS UEditor getRemoteImage.jsp server-side request forgery",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been found in erzhongxmu JEEWMS 3.7. Affected by this issue is some unknown functionality of the file /plug-in/ueditor/jsp/getRemoteImage.jsp of the component UEditor. The manipulation of the argument upfile leads to server-side request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
        }
      ],
      "affected": [
        {
          "vendor": "erzhongxmu",
          "product": "JEEWMS",
          "cpes": [
            "cpe:2.3:a:jeewms:jeewms:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "UEditor"
          ],
          "versions": [
            {
              "version": "3.7",
              "status": "affected"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "lang": "en",
              "description": "Server-Side Request Forgery",
              "cweId": "CWE-918",
              "type": "CWE"
            }
          ]
        }
      ],
      "references": [
        {
          "url": "https://vuldb.com/?id.347382",
          "name": "VDB-347382 | erzhongxmu JEEWMS UEditor getRemoteImage.jsp server-side request forgery",
          "tags": [
            "vdb-entry",
            "technical-description"
          ]
        },
        {
          "url": "https://vuldb.com/?ctiid.347382",
          "name": "VDB-347382 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ]
        },
        {
          "url": "https://vuldb.com/?submit.756522",
          "name": "Submit #756522 | erzhongxmu JEEWMS ≤3.7 Server-Side Request Forgery",
          "tags": [
            "third-party-advisory"
          ]
        },
        {
          "url": "https://www.notion.so/JEEWMS-SSRF-Vulnerability-in-UEditor-Module-304ea92a3c41806782b1f7285ab0d580",
          "tags": [
            "exploit"
          ]
        }
      ],
      "metrics": [
        {},
        {
          "cvssV3_1": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "baseScore": 7.3,
            "baseSeverity": "HIGH"
          }
        },
        {
          "cvssV3_0": {
            "version": "3.0",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "baseScore": 7.3,
            "baseSeverity": "HIGH"
          }
        },
        {
          "cvssV2_0": {
            "version": "2.0",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
            "baseScore": 7.5
          }
        }
      ],
      "timeline": [
        {
          "time": "2026-02-23T00:00:00.000Z",
          "lang": "en",
          "value": "Advisory disclosed"
        },
        {
          "time": "2026-02-23T01:00:00.000Z",
          "lang": "en",
          "value": "VulDB entry created"
        },
        {
          "time": "2026-02-23T15:11:02.000Z",
          "lang": "en",
          "value": "VulDB entry last update"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "din4 (VulDB User)",
          "type": "reporter"
        }
      ]
    }
  }
}