CVE-2025-0474

Published: 2025-01-14T19:15Z

Last Modified: 2025-01-14T19:15Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for arbitrary file read and network resource requests as the application user. This issue affects Invoice Ninja: from 5.8.56 through 5.11.23. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt