CVE-2025-64752 | gristlabs grist-core up to 1.7.6 server-side request forgery (GHSA-qh95-2qv8-pqx3)

Inserito da Angelo Barbosa | Nov 14, 2025 | CVE

A vulnerability, which was classified as critical, has been found in gristlabs grist-core up to 1.7.6. Affected by this vulnerability is an unknown functionality. This manipulation causes server-side request forgery.

This vulnerability is handled as CVE-2025-64752. The attack can be initiated remotely. There is not any exploit available.

It is advisable to upgrade the affected component.

CVE-2025-64752 | gristlabs grist-core up to 1.7.6 server-side request forgery (GHSA-qh95-2qv8-pqx3)

Post correlati

CVE-2024-40415 | Tenda AX1806 1.0.0.1 SetStaticRouteCfg sub_519F4 stack-based overflow

CVE-2021-47463 | Linux Kernel up to 5.14.14 page_is_secretmem null pointer dereference (b77ba1e02345/79f9bc584314)

CVE-2024-22148 | WP Smart Editor JoomUnited Plugin up to 1.3.3 on WordPress cross site scripting

CVE-2024-4886 | buddyboss-platform Plugin up to 2.5.x on WordPress ID authorization