209 matches found
PT-2025-39904
Name of the Vulnerable Software and Affected Versions FreshRSS versions 1.16.0 through 1.26.3 Description FreshRSS is a free, self-hostable RSS aggregator. An unprivileged attacker can create a new administrator user when registration is enabled. This is achieved through manipulation of a hidden...
PT-2025-39918
Name of the Vulnerable Software and Affected Versions FreshRSS versions 1.26.3 and below Description FreshRSS does not properly sanitize event handler attributes within feed content. This can lead to cross-site scripting XSS if a page renders feed entries without a Content Security Policy CSP. Th...
PT-2025-39919
Name of the Vulnerable Software and Affected Versions FreshRSS versions 1.26.3 and below Description FreshRSS is susceptible to directory enumeration. By manipulating the theme field with a specific path, an attacker can determine the existence of directories on the server, potentially gaining...
FreshRSS 跨站脚本漏洞
FreshRSS is a free, self-hosted RSS aggregator from FreshRSS Open Source. A cross-site scripting vulnerability exists in FreshRSS versions 1.26.3 and earlier, which stems from not cleaning certain event handler attributes in the feed content and could lead to a cross-site scripting attack...
PT-2025-39920
Name of the Vulnerable Software and Affected Versions FreshRSS versions 1.26.3 and below Description FreshRSS is susceptible to a double clickjacking protection bypass. An attacker can trick an administrator into promoting themselves to "admin" and logging into other users' accounts. This is...
PT-2025-39903
Name of the Vulnerable Software and Affected Versions FreshRSS versions 1.26.3 and below Description FreshRSS does not properly end a user session when they log out. The session cookie remains active and can be reused by an attacker to start a new session, potentially leading to session hijacking...
CVE-2025-54593
FreshRSS is a free, self-hostable RSS aggregator. In versions 1.26.1 and below, an authenticated administrator user can execute arbitrary code on the FreshRSS server by modifying the update URL to one they control, and gain code execution after running an update. After successfully executing code...
CVE-2025-54593
FreshRSS is a free, self-hostable RSS aggregator. In versions 1.26.1 and below, an authenticated administrator user can execute arbitrary code on the FreshRSS server by modifying the update URL to one they control, and gain code execution after running an update. After successfully executing code...
CVE-2025-54593
FreshRSS up to version 1.26.1 is vulnerable to RCE via an authenticated administrator who can modify the update URL to execute arbitrary code on the server; successful exploitation can lead to data exfiltration (including hashed passwords) and possible defacement. The issue is fixed in version 1....
CVE-2025-54593 FreshRSS is vulnerable to RCE attacks by authenticated admin
FreshRSS is a free, self-hostable RSS aggregator. In versions 1.26.1 and below, an authenticated administrator user can execute arbitrary code on the FreshRSS server by modifying the update URL to one they control, and gain code execution after running an update. After successfully executing code...
CVE-2025-54593 FreshRSS is vulnerable to RCE attacks by authenticated admin
FreshRSS is a free, self-hostable RSS aggregator. In versions 1.26.1 and below, an authenticated administrator user can execute arbitrary code on the FreshRSS server by modifying the update URL to one they control, and gain code execution after running an update. After successfully executing code...
CVE-2025-54593 FreshRSS is vulnerable to RCE attacks by authenticated admin
FreshRSS is a free, self-hostable RSS aggregator. In versions 1.26.1 and below, an authenticated administrator user can execute arbitrary code on the FreshRSS server by modifying the update URL to one they control, and gain code execution after running an update. After successfully executing code...
FreshRSS 代码注入漏洞
FreshRSS is a free, self-hosted RSS aggregator from the FreshRSS open source. A code injection vulnerability exists in FreshRSS versions 1.26.1 and earlier, which stems from an administrator being able to modify the update URL, potentially leading to arbitrary code execution...
PT-2025-31676 · Freshrss · Freshrss
Name of the Vulnerable Software and Affected Versions: FreshRSS versions 1.26.1 and below Description: FreshRSS is a free, self-hostable RSS aggregator. An authenticated administrator user can execute arbitrary code on the FreshRSS server by modifying the update URL to one they control, and gain...
CVE-2025-31134
FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, an attacker can gain additional information about the server by checking if certain directories exist. An attacker can, for example, check if older PHP versions are installed or if certain software is installed on the server...
CVE-2025-46341
FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, when the server is using HTTP auth via reverse proxy, it's possible to impersonate any user either via the Remote-User header or the X-WebAuth-User header by making specially crafted requests via the add feed functionality an...
CVE-2025-46339
FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, it's possible to poison feed favicons by adding a given URL as a feed with the proxy set to an attacker-controlled one and disabled SSL verifying. The favicon hash is computed by hashing the feed URL and the salt, whilst not...
CVE-2025-32015
FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, HTML is sanitized improperly inside the attribute, which leads to cross-site scripting XSS by loading an attacker's UserJS inside...
CVE-2025-31136
FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, it's possible to run arbitrary JavaScript on the feeds page. This occurs by combining a cross-site scripting XSS issue that occurs in f.php when SVG favicons are downloaded from an attacker-controlled feed containing...
CVE-2025-31482
FreshRSS is a self-hosted RSS feed aggregator. A vulnerability in versions prior to 1.26.2 causes a user to be repeatedly logged out after fetching a malicious feed entry, effectively causing that user to suffer denial of service. Version 1.26.2 contains a patch for the issue...