VYPR
High severity7.7OSV Advisory· Published Jan 14, 2025· Updated Jun 17, 2026

CVE-2025-0474

CVE-2025-0474

Description

Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for arbitrary file read and network resource requests as the application user. This issue affects Invoice Ninja: from 5.8.56 through 5.11.23.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • 5.8.56, v5.10.0, v5.10.1, …+ 1 more
    • (no CPE)range: 5.8.56, v5.10.0, v5.10.1, …
    • (no CPE)range: 5.8.56 - 5.11.23

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.