High severity7.2NVD Advisory· Published Jun 11, 2020· Updated Jun 17, 2026
CVE-2020-12725
CVE-2020-12725
Description
Havoc Research discovered an authenticated Server-Side Request Forgery (SSRF) via the "JSON" data source of Redash open-source 8.0.0 and prior. Possibly, other connectors are affected. The SSRF is potent and provides a lot of flexibility in terms of being able to craft HTTP requests e.g., by adding headers, selecting any HTTP verb, etc.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Redash/Redashdescription
Patches
Vulnerability mechanics
References
3- github.com/getredash/redash/commits/masternvdPatchVendor Advisory
- github.com/getredash/redash/issues/4869nvdExploitVendor Advisory
- blog.redash.ionvdVendor Advisory
News mentions
0No linked articles in our index yet.