CVE-2023-25195

CVE-2023-25195: Apache Fineract: SSRF template type vulnerability in certain authenticated users

Vendor Apache Software Foundation

Product Apache Fineract

Weakness CWE-918 · SSRF

Published March 28, 2023

Last update October 23, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract. Authorized users with limited permissions can gain access to server and may be able to use server for any outbound traffic. This issue affects Apache Fineract: from 1.4 through 1.8.3.

Key dates

Disclosure timeline

March 28, 2023 CVE published

October 23, 2024 Record updated