Vulnerabilities

CVE-2025-0474

by Fred · 14/01/2025

Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for arbitrary file read and network resource requests as the application user.
This issue affects Invoice Ninja: from 5.8.56 through 5.11.23.

More information : https://github.com/invoiceninja/invoiceninja/commit/2a9bf353b432d7060e85487b617151ecbc36247d

Similar

Tags: Cybersecurity Alert