CVE-2025-1521
CVE-2025-1521 concerns PostHog's slack_incoming_webhook processing. The vulnerability stems from inadequate validation of a URI before accessing resources, enabling a network-based SSRF that can disclose sensitive information and potentially execute code in the service account context. The initia...