CVE-2020-25787

An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. It does not validate all URLs before requesting them.

Date published : 2020-09-19

http://packetstormsecurity.com/files/161606/TinyTinyRSS-Remote-Code-Execution.html

https://community.tt-rss.org/t/heads-up-several-vulnerabilities-fixed/3799