Vulnerability Database

314,432

Total vulnerabilities in the database

CVE-2023-25195

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract. Authorized users with limited permissions can gain access to server and may be able to use server for any outbound traffic.

This issue affects Apache Fineract: from 1.4 through 1.8.3.

Published: Mar 28, 2023
Updated: Nov 16, 2025
CVE: CVE-2023-25195
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.1
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWEs:

CWE-918

Affected Software
References

Software	From	Fixed in
apache / fineract	1.4.0	1.8.3.x

https://lists.apache.org/thread/m58fdjmtkfp9h4c0r4l48rv995w3qhb6

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo