CVE-2026-50886

Published: Giu 15, 2026 Last Modified: Giu 15, 2026
ExploitDB:
Other exploit source:
Google Dorks:

Description

AI Translation Available

Incorrect access control in the webhook management component of Project Firefly III v6.5.9 allows attackers to scan internal resources via a crafted POST request.

https://gist.github.com/pyuysig/f5395f90753ba652835ba9c6abf…
https://gist.github.com/pyuysig/f5395f90753ba652835ba9c6abf4c4ae