CVE-2026-51833
Xenforo 2.3.8 is vulnerable to SSRF. Attackers that have administrator privileges or are able to add/save RSS feeds can enumerate internal s
CVSS
—
No CVSS
EPSS
—
KEV
—
Exploit Today
—
0-100
Published: Jul 17, 2026 · Last modified: Jul 17, 2026
Not enough EPSS history yet.
Xenforo 2.3.8 is vulnerable to SSRF. Attackers that have administrator privileges or are able to add/save RSS feeds can enumerate internal services (ports) or expose the original IP address of the server.
No related CVEs by CWE or product.