Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Lifecycle Timeline
5DescriptionGitHub Advisory
FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, it's possible to poison feed favicons by adding a given URL as a feed with the proxy set to an attacker-controlled one and disabled SSL verifying. The favicon hash is computed by hashing the feed URL and the salt, whilst not including the following variables: proxy address, proxy protocol, and whether SSL should be verified. Therefore it's possible to poison a favicon of a given feed by simply intercepting the response of the feed, and changing the website URL to one where a threat actor controls the feed favicon. Feed favicons can be replaced for all users by anyone. Version 1.26.2 fixes the issue.
AnalysisAI
A security vulnerability in FreshRSS (CVSS 4.3). Risk factors: public PoC available. Vendor patch is available.
Technical ContextAI
Vulnerability type: remote code execution. Affects FreshRSS.
RemediationAI
Apply the vendor-supplied patch immediately.
FreshRSS versions prior to 1.26.2 suffer from an information disclosure vulnerability that allows unauthenticated remote
Critical authentication bypass vulnerability in FreshRSS versions prior to 1.26.2 that allows authenticated attackers to
FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, HTML is sanitized improperly inside the `<iframe
FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, it's possible to run arbitrary JavaScript on the
FreshRSS is a self-hosted RSS feed aggregator. Rated medium severity (CVSS 5.5), this vulnerability is low attack comple
FreshRSS is a self-hosted RSS feed aggregator. A vulnerability in versions prior to 1.26.2 causes a user to be repeatedl
self-hostable RSS aggregator. versions up to 1.28.0 is affected by improper access control (CVSS 7.5).
FreshRSS is a free, self-hostable RSS aggregator. Rated high severity (CVSS 7.5), this vulnerability is remotely exploit
FreshRSS is a free, self-hostable RSS aggregator. Rated medium severity (CVSS 6.9), this vulnerability is remotely explo
FreshRSS is a free, self-hostable RSS aggregator. Rated medium severity (CVSS 6.7), this vulnerability is remotely explo
FreshRSS is a free, self-hostable RSS aggregator. Rated medium severity (CVSS 6.7), this vulnerability is remotely explo
FreshRSS is a free, self-hostable RSS aggregator. Rated medium severity (CVSS 5.3), this vulnerability is remotely explo
Same technique Information Disclosure
View allVendor StatusVendor
Debian
Bug #1032767| Release | Status | Fixed Version | Urgency |
|---|---|---|---|
| open | - | - |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-16931