CVE-2025-3192

Published: 2025-04-04T05:15Z

Last Modified: 2025-04-04T15:15Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Versions of the package spatie/browsershot from 0.0.0 are vulnerable to Server-side Request Forgery (SSRF) in the setUrl() function due to a missing restriction on user input, enabling attackers to access localhost and list all of its directories. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt