cvedb.io
CVE-2023-25195
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2023-03-28T12:15:07.280 · Last modified 2026-06-17T05:40:53.970

Summary

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract. Authorized users with limited permissions can gain access to server and may be able to use server for any outbound traffic.  This issue affects Apache Fineract: from 1.4 through 1.8.3.

Affected products

apache — fineract

Does this affect you?

Add your gear to cvedb and we'll alert you only when apache ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.