CNNVD-202512-3415 Information
Dec 18, 2025
cve
CNNVD ID
CNNVD-202512-3415
Related CVE
- CNNVD Published: 2025-12-18
Description (Chinese)
FreshRSS是FreshRSS开源的一个免费的、可自行托管的 RSS 聚合器。 FreshRSS 1.27.1之前版本存在安全漏洞,该漏洞源于注销功能存在跨站请求伪造漏洞,可能导致拒绝服务攻击。
Description (English)
FreshRSS is a free, self-serving RSS polymer for FreshRSS. There was a security loophole in the previous version of FreshRSS 1.27.1, which stemmed from the existence of a cross-site request for forgery that could lead to a denial of service attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
FreshRSS
Published
2025-12-18
Last Modified
2026-02-24
References
https://github.com/FreshRSS/FreshRSS/pull/7958 https://github.com/FreshRSS/FreshRSS/pull/7997 https://github.com/FreshRSS/FreshRSS/pull/7999 https://github.com/FreshRSS/FreshRSS/security/advisories/GHSA-w7f5-8vf9-f966
Patch
https://github.com/FreshRSS/FreshRSS/releases
Share on: