CVE-2026-5126

MEDIUM NVD

CVSS Score 6.3

Severity MEDIUM

Published Mar 30, 2026

Vendor unknown

Description

A flaw has been found in SourceCodester RSS Feed Parser 1.0. Affected by this issue is the function file_get_contents. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been published and may be used.

References

https://medium.com/@hemantrajbhati5555/discovering-a-blind-ssrf-vulnerability-in-a-php-rss-feed-parser-243f3ccbdafb
https://vuldb.com/submit/780180
https://vuldb.com/vuln/354158
https://vuldb.com/vuln/354158/cti
https://www.sourcecodester.com/