PT-2025-23855 · Freshrss · Freshrss
Name of the Vulnerable Software and Affected Versions: FreshRSS versions prior to 1.26.2 Description: The issue allows an attacker to poison feed favicons by manipulating the feed URL and proxy settings, potentially replacing favicons for all users. This is possible because the favicon hash...