CNNVD-202507-1682 Information

CNNVD ID

CNNVD-202507-1682

CVE-2025-53641

  • CNNVD Published: 2025-07-11

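Description (Chinese, translated)

Gitroom Postiz is an open-source social media scheduling tool from Gitroom. Gitroom Postiz versions 1.45.1 through 1.62.3 contain a code issue vulnerability that stems from HTTP header injection and may lead to server-side request forgery.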

Description (English)

Gitroom Postiz is an open-source social media scheduling tool from Gitroom. Gitroom Postiz 1.45.1 to 1.62.3 has a code issue vulnerability, which originates from HTTP header injection and may lead to server-side request forgery (SSRF).

Hazard Level

Medium

Vulnerability Type

Code issue

Affected Vendor

Gitroom

Published

2025-07-11

Last Modified

2026-02-24

References

https://github.com/gitroomhq/postiz-app/commit/65eca0e2f22155b43c78724ca43617ee52e42753

https://github.com/gitroomhq/postiz-app/security/advisories/GHSA-48c8-25jq-m55f

https://access.redhat.com/security/cve/cve-2025-53641

Patch

https://github.com/gitroomhq/postiz-app/releases
