CVE-2025-59949 | FreshRSS up to 1.27.0 cross-site request forgery (GHSA-w7f5-8vf9-f966)

A vulnerability has been found in FreshRSS up to 1.27.0 and classified as problematic. Affected by this issue is some unknown functionality. This manipulation causes cross-site request forgery.

The identification of this vulnerability is CVE-2025-59949. It is possible to initiate the attack remotely. There is no exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More