SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43, 10.0.x before 10.0.12, and 10.1.x before 10.1.4 allows unauthorized redirection to internal network endpoints.
References
Configurations
No configuration.
History
13 Mar 2025, 21:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-918 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
18 Feb 2025, 19:15
Type | Values Removed | Values Added |
---|---|---|
CWE | ||
CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
04 Feb 2025, 16:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
CWE | CWE-918 |
03 Feb 2025, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-02-03 20:15
Updated : 2025-03-13 21:15
NVD link : CVE-2025-25065
Mitre link : CVE-2025-25065
CVE.ORG link : CVE-2025-25065
JSON object : View
Products Affected
No product.
CWE
CWE-918
Server-Side Request Forgery (SSRF)