Plateforme
php
Composant
kodbox
Corrigé dans
1.64.1
A cross-site request forgery (XSRF) vulnerability has been identified in kalcaddle kodbox versions 1.64–1.64. This flaw resides within the loginSubmit API, specifically in the /workspace/source-code/plugins/oauth/controller/bind/index.class.php file. Successful exploitation allows an attacker to perform unauthorized actions on behalf of an authenticated user, potentially leading to data modification or account compromise. The vulnerability was publicly disclosed on 2026-03-23.
The XSRF vulnerability in kalcaddle kodbox allows an attacker to craft malicious requests that appear to originate from a legitimate user. By tricking a logged-in user into clicking a crafted link or visiting a malicious website, the attacker can execute actions such as changing passwords, modifying data, or performing other privileged operations. The public availability of an exploit significantly increases the risk of exploitation. The low CVSS score reflects the difficulty of exploitation, but the potential impact remains concerning, especially in environments where user accounts have elevated privileges.
The vulnerability is publicly known with a proof-of-concept exploit available, increasing the likelihood of exploitation. It has been added to the NVD database. The vendor was contacted but did not respond. The EPSS score is likely medium due to the public exploit and the potential for widespread exploitation.
Organizations using kalcaddle kodbox version 1.64–1.64, particularly those with shared hosting environments or where user accounts have administrative privileges, are at significant risk. Users who frequently interact with the loginSubmit API are also more vulnerable.
• php / web:
grep -r 'bind/index.class.php' /workspace/source-code/plugins/oauth/• generic web:
curl -I https://your-kodbox-instance/workspace/source-code/plugins/oauth/controller/bind/index.class.php | grep -i '200 OK'disclosure
Statut de l'Exploit
EPSS
0.02% (percentile 3%)
CISA SSVC
Vecteur CVSS
The primary mitigation for CVE-2026-4590 is to upgrade to a patched version of kalcaddle kodbox. Since a fixed version is not specified, consider implementing additional security measures as a temporary workaround. These include implementing strict input validation on the loginSubmit API to sanitize the 'third' argument and preventing unauthorized modifications. Employing a Web Application Firewall (WAF) with XSRF protection rules can also help mitigate the risk. Regularly review access logs for suspicious activity and implement multi-factor authentication to reduce the impact of successful attacks. After applying mitigations, verify the integrity of user accounts and data.
Actualice kodbox a una versión posterior a la 1.64, si está disponible, para corregir la vulnerabilidad CSRF. Si no hay una versión disponible, considere deshabilitar o eliminar el plugin oauth hasta que se publique una solución.
Analyses de vulnérabilités et alertes critiques directement dans votre boîte mail.
CVE-2026-4590 is a cross-site request forgery vulnerability in kalcaddle kodbox versions 1.64–1.64, allowing attackers to perform actions as authenticated users.
If you are using kalcaddle kodbox version 1.64–1.64, you are potentially affected by this vulnerability.
Upgrade to a patched version of kalcaddle kodbox. If a patch is unavailable, implement input validation and WAF rules as temporary mitigations.
A public exploit is available, suggesting a high probability of active exploitation.
The vendor was contacted but did not respond. Check the NVD database for updates.
Téléverse ton fichier de dépendances et découvre instantanément si cette CVE et d'autres te touchent.