CVE-2026-48555 - Spatie Laravel Media Library < 11.23.0 SSRF via addMediaFromUrl()
Source: Cvefeed
Published:
<p>Spatie Laravel Media Library before version 11.23.0 contains a server-side request forgery vulnerability that allows remote attackers to cause the server to issue arbitrary outbound HTTP requests by passing user-controlled URLs to the addMediaFromUrl() method in InteractsWithMedia.php.</p> <p>The