CVE-2025-56520 | Dify 1.6.0 server-side request forgery (Issue 22532)

Inserito da Angelo Barbosa | Set 30, 2025 | CVE

A vulnerability was found in Dify 1.6.0. It has been declared as critical. This affects an unknown function of the component controllers.console.remote_files.RemoteFileUploadApi. Such manipulation leads to server-side request forgery.

This vulnerability is traded as CVE-2025-56520. The attack may be launched remotely. There is no exploit available.

CVE-2025-56520 | Dify 1.6.0 server-side request forgery (Issue 22532)

Post correlati

CVE-2025-10179 | My AskAI Plugin up to 1.0.0 on WordPress Shortcode myaskai cross site scripting

CVE-2024-30451 | Infinitum Forum Geo Controller Plugin up to 8.6.4 on WordPress cross site scripting

CVE-2024-44549 | Tenda AX1806 1.0.0.1 formGetIptv iptv.stb.port stack-based overflow

CVE-2024-4193 | Testimonial Slider Plugin up to 1.3.2 on WordPress cross site scripting