209 matches found
FreshRSS 安全漏洞
FreshRSS is a free, self-hosted RSS aggregator from FreshRSS Open Source. A security vulnerability exists in FreshRSS versions 1.26.3 and earlier, which stems from an improperly set path in the subject field and could lead to a directory enumeration attack...
CVE-2025-59950 FreshRSS: Double clickjacking can lead to privilege escalation
FreshRSS is a free, self-hostable RSS aggregator. In versions 1.26.3 and below, due to a bypass of double clickjacking protection confirmation dialog, it is possible to trick the admin into clicking the Promote button in another user's management page after the admin double clicks on a button...
CVE-2025-59950
FreshRSS
CVE-2025-59950 FreshRSS: Double clickjacking can lead to privilege escalation
FreshRSS is a free, self-hostable RSS aggregator. In versions 1.26.3 and below, due to a bypass of double clickjacking protection confirmation dialog, it is possible to trick the admin into clicking the Promote button in another user's management page after the admin double clicks on a button...
CVE-2025-59950 FreshRSS: Double clickjacking can lead to privilege escalation
FreshRSS is a free, self-hostable RSS aggregator. In versions 1.26.3 and below, due to a bypass of double clickjacking protection confirmation dialog, it is possible to trick the admin into clicking the Promote button in another user's management page after the admin double clicks on a button...
CVE-2025-59948
FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below do not sanitize certain event handler attributes in feed content, so by finding a page that renders feed entries without CSP, it is possible to execute an XSS payload. The Allow API access authentication setting needs to ...
CVE-2025-61586
CVE-2025-61586 affects FreshRSS. Versions 1.26.3 and earlier are vulnerable to directory enumeration by manipulating the theme field path, allowing an attacker to determine existence of directories on the server and gain additional information. The issue is fixed in 1.27.0 . There are multiple co...
CVE-2025-61586 FreshRSS is vulnerable to directory enumeration by setting path in its theme field
FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below are vulnerable to directory enumeration by setting path in theme field, allowing attackers to gain additional information about the server by checking if certain directories exist. This issue is fixed in version 1.27.0...
CVE-2025-61586 FreshRSS is vulnerable to directory enumeration by setting path in its theme field
FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below are vulnerable to directory enumeration by setting path in theme field, allowing attackers to gain additional information about the server by checking if certain directories exist. This issue is fixed in version 1.27.0...
CVE-2025-61586 FreshRSS is vulnerable to directory enumeration by setting path in its theme field
FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below are vulnerable to directory enumeration by setting path in theme field, allowing attackers to gain additional information about the server by checking if certain directories exist. This issue is fixed in version 1.27.0...
CVE-2025-59948 FreshRSS is vulnerable to XSS due to lack of CSP on HTML query page
FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below do not sanitize certain event handler attributes in feed content, so by finding a page that renders feed entries without CSP, it is possible to execute an XSS payload. The Allow API access authentication setting needs to ...
CVE-2025-59948 FreshRSS is vulnerable to XSS due to lack of CSP on HTML query page
FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below do not sanitize certain event handler attributes in feed content, so by finding a page that renders feed entries without CSP, it is possible to execute an XSS payload. The Allow API access authentication setting needs to ...
CVE-2025-59948
FreshRSS versions 1.26.3 and earlier are vulnerable to XSS due to unsanitized event handler attributes in feed content. The attack requires that the instance has API access authentication enabled and uses the /api/query.php endpoint; successful exploitation can lead to account takeover and, if th...
CVE-2025-59948 FreshRSS is vulnerable to XSS due to lack of CSP on HTML query page
FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below do not sanitize certain event handler attributes in feed content, so by finding a page that renders feed entries without CSP, it is possible to execute an XSS payload. The Allow API access authentication setting needs to ...
CVE-2025-57769
FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below contain a vulnerability where a specially crafted page can trick a user into executing arbitrary JS code or promoting a user in FreshRSS by obscuring UI elements in iframes. If embedding an authenticated iframe is possibl...
CVE-2025-54592
FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below do not properly terminate the session during logout. After a user logs out, the session cookie remains active and unchanged. The unchanged cookie could be reused by an attacker if a new session were to be started. This...
CVE-2025-54875
FreshRSS is a free, self-hostable RSS aggregator. In versions 1.16.0 and above through 1.26.3, an unprivileged attacker can create a new admin user when registration is enabled through the use of a hidden field used only in the user management admin page, newuserisadmin. This is fixed in version...
CVE-2025-57769 FressRSS: Clickjacking can lead to XSS and/or privilege escalation
FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below contain a vulnerability where a specially crafted page can trick a user into executing arbitrary JS code or promoting a user in FreshRSS by obscuring UI elements in iframes. If embedding an authenticated iframe is possibl...
CVE-2025-57769 FressRSS: Clickjacking can lead to XSS and/or privilege escalation
FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below contain a vulnerability where a specially crafted page can trick a user into executing arbitrary JS code or promoting a user in FreshRSS by obscuring UI elements in iframes. If embedding an authenticated iframe is possibl...
CVE-2025-57769
CVE-2025-57769 affects FreshRSS