CVE-2023-25195

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-25195

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-25195.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-25195

Published

2023-03-28T12:15:07.280Z

Modified

2026-04-10T04:55:59.953395Z

Severity

8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVSS Calculator

Summary

[none]

Details

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract. Authorized users with limited permissions can gain access to server and may be able to use server for any outbound traffic.

This issue affects Apache Fineract: from 1.4 through 1.8.3.

References

https://lists.apache.org/thread/m58fdjmtkfp9h4c0r4l48rv995w3qhb6

Affected packages

Git / github.com/apache/fineract

Affected ranges

Type

GIT

Repo

https://github.com/apache/fineract

Events

Introduced

ee99f30e532c828338210bb412b7f876a534f02a

Last affected

7d2121d8cd50f962f8b423fbf7cd7cbb6c17ccd4

Database specific

{
    "versions": [
        {
            "introduced": "1.4.0"
        },
        {
            "last_affected": "1.8.3"
        }
    ]
}

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-25195.json"