{"uuid": "69011ac8-498a-477a-bc6b-20bbf4d57611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0474", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1583", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-0474\n\ud83d\udd39 Description: Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for arbitrary file read and network resource requests as the application user.\nThis issue affects Invoice Ninja: from 5.8.56 through 5.11.23.\n\ud83d\udccf Published: 2025-01-14T18:50:30.331Z\n\ud83d\udccf Modified: 2025-01-14T18:50:30.331Z\n\ud83d\udd17 References:\n1. https://github.com/invoiceninja/invoiceninja/commit/2a9bf353b432d7060e85487b617151ecbc36247d\n2. https://vulncheck.com/advisories/invoice-ninja-ssrf\n3. https://github.com/invoiceninja/invoiceninja/compare/97ae948618230c1812f3223b80bf22dcb0382dc5..435780932fe19063001d79ba518815df62773d71", "creation_timestamp": "2025-01-14T19:10:56.000000Z"}