CVE-2025-64430 | parse-community parse-server up to 7.5.3/8.4.0-alpha.1 Parse.File uri server-side request forgery (GHSA-x4qj-2f4q-r4rx)

A vulnerability, which was classified as critical, has been found in parse-community parse-server up to 7.5.3/8.4.0-alpha.1. This issue affects the function Parse.File. The manipulation of the argument uri leads to server-side request forgery.

This vulnerability is uniquely identified as CVE-2025-64430. The attack is possible to be carried out remotely. No exploit exists.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More