CVE-2026-63306

StoatChat · StoatChat

StoatChat is vulnerable to unauthenticated Server-Side Request Forgery (SSRF) via its proxy and embed endpoints.

Executive summary

An unauthenticated Server-Side Request Forgery vulnerability in StoatChat allows attackers to abuse proxy and embed functionality to perform unauthorized requests to internal resources.

Vulnerability

The application fails to properly validate user-supplied input in the proxy and embed endpoints, resulting in a Server-Side Request Forgery (SSRF) vulnerability. This flaw allows an unauthenticated attacker to interact with backend systems that are otherwise unreachable.

Business impact

This vulnerability enables attackers to conduct internal port scanning, interact with private APIs, or exfiltrate sensitive configuration data from the server environment. With a CVSS score of 8.6, the potential for unauthorized access to internal infrastructure is high and requires immediate remediation to prevent lateral movement.

Remediation

Immediate Action: Upgrade StoatChat to version 0.13.5 or later to resolve the underlying SSRF vulnerability.

Proactive Monitoring: Review web server access logs for requests targeting the proxy or embed endpoints that contain suspicious or internal-only URLs.

Compensating Controls: Deploy a Web Application Firewall (WAF) with rules configured to block requests containing suspicious URL patterns or unexpected internal IP addresses.

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

Organizations utilizing StoatChat must update to version 0.13.5 immediately. Failure to patch leaves the internal network exposed to unauthorized requests and potential data compromise.