CVE-2025-1522
- EPSS 0.26%
- Published 23.04.2025 16:45:44
- Last modified 07.08.2025 18:14:56
PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. Authentication is required to exploit this vu...
CVE-2025-1521
- EPSS 0.55%
- Published 23.04.2025 16:45:32
- Last modified 07.08.2025 18:19:14
PostHog slack_incoming_webhook Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. Authentication is required to exploit ...
- EPSS 0.21%
- Published 23.04.2025 16:45:19
- Last modified 07.08.2025 18:23:30
PostHog ClickHouse Table Functions SQL Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of PostHog. Authentication is required to exploit this vuln...
CVE-2024-9710
- EPSS 0.81%
- Published 22.11.2024 21:15:24
- Last modified 03.01.2025 21:36:39
PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. Authentication is required to exploit this vu...
CVE-2023-46746
- EPSS 0.06%
- Published 01.12.2023 22:15:10
- Last modified 21.11.2024 08:29:12
PostHog provides open-source product analytics, session recording, feature flagging and A/B testing that you can self-host. A server-side request forgery (SSRF), which can only be exploited by authenticated users, was found in PostHog. PostHog did no...
CVE-2022-0645
- EPSS 0.21%
- Published 19.04.2022 12:15:15
- Last modified 21.11.2024 06:39:06
Open redirect vulnerability via endpoint authorize_and_redirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1.