CVE Catalog

CVE-2025-57305

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.36%

28th percentile - higher than 28% of all known CVEs

Summary

A Server-Side Request Forgery (SSRF) vulnerability in VitaraCharts 5.3.5 in fileLoader.jsp allows an attacker to send requests from the server to internal network resources.

Risk Assessment

An attacker can exploit this vulnerability to scan internal networks, access sensitive data, or launch further attacks against internal systems.

Recommendation

It is recommended to immediately update VitaraCharts to the latest version and implement URL validation and filtering mechanisms in fileLoader.jsp.

Original NVD description (English source)

VitaraCharts 5.3.5 is vulnerable to Server-Side Request Forgery in fileLoader.jsp.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS