Security Advisory

CVE-2025-0474

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-14 18:50:30

Last updated 2025-11-19 20:29:57

Assigner VulnCheck

State PUBLISHED

Description

Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for arbitrary file read and network resource requests as the application user. This issue affects Invoice Ninja: from 5.8.56 through 5.11.23.

← Browse all CVEs View on cve.org ↗