A SSRF vulnerability in WADL service description in versions of Apache CXF before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform SSRF style attacks on REST webservices. The attack only applies if a custom stylesheet parameter is configured.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NApache Cxf
APPApache< 3.5.93.6.0 – 3.6.4 (bez)4.0.0 – 4.0.5 (bez)
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
SSRF
CWE
Related vulnerabilities
CVE-2026-49875CRITICAL9.8PL ✓ten sam produkt
Apache CXF: podatność XXE w EndpointReferenceUtils i W3CMultiSchemaFactory
CVE-2026-50628CRITICAL9.8PL ✓ten sam produkt
Apache CXF: błąd logiki w OAuthRequestFilter odwraca weryfikację IP
CVE-2026-50627CRITICAL9.1PL ✓ten sam produkt
Apache CXF: brak weryfikacji pola 'aud' w tokenach JWT (Token Confusion)
CVE-2026-44930CRITICAL9.8ten sam produkt
An LDAP injection vulnerability in the LDAP Certificate repository of the XKMS server in Apache CXF may allow ...
CVE-2025-48913CRITICAL9.8PL ✓ten sam produkt
Apache CXF: RCE przez złośliwe URL w konfiguracji JMS