CVE-2025-15414

A flaw has been found in go-sonic sonic up to 1.1.4. The affected element is the function FetchTheme of the file service/theme/gitfetcher.go of the component Theme Fetching API. Executing a manipulation of the argument uri can lead to server-side request forgery. The attack may be launched...

CVE-2025-15414

The CVE-2025-15414 issue affects go-sonic up to version 1.1.4, specifically the FetchTheme function in service/theme/git_fetcher.go of the Theme Fetching API. The root cause is manipulation of the uri argument that enables server-side request forgery (SSRF), with the attack potentially executable...

CVE-2025-15414 go-sonic Theme Fetching API git_fetcher.go FetchTheme server-side request forgery

A flaw has been found in go-sonic sonic up to 1.1.4. The affected element is the function FetchTheme of the file service/theme/gitfetcher.go of the component Theme Fetching API. Executing a manipulation of the argument uri can lead to server-side request forgery. The attack may be launched...

Sonic 代码问题漏洞

Sonic is a go-sonic open source high performance blogging system developed using golang. A code issue vulnerability exists in Sonic 1.1.4 and earlier versions, which stems from the incorrect operation of the parameter uri in the FetchTheme function in the Theme Fetching API component file...