CVE-2024-25864

Published April 3rd, 2024

View on NVD ↗

CVSS v3

9.1

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

Server Side Request Forgery (SSRF) vulnerability in Friendica versions after v.2023.12, allows a remote attacker to execute arbitrary code and obtain sensitive information via the fpostit.php component.

friendica/friendica

Friendica Communications Platform

GitHub

1.68K