High severity7.7OSV Advisory· Published Jan 14, 2025· Updated Jun 17, 2026
CVE-2025-0474
CVE-2025-0474
Description
Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for arbitrary file read and network resource requests as the application user. This issue affects Invoice Ninja: from 5.8.56 through 5.11.23.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
25.8.56, v5.10.0, v5.10.1, …+ 1 more
- (no CPE)range: 5.8.56, v5.10.0, v5.10.1, …
- (no CPE)range: 5.8.56 - 5.11.23
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.