Vulnerability Details CVE-2025-51058
Bottinelli Informatical Vedo Suite 2024.17 is vulnerable to Server-side Request Forgery (SSRF) in the /api_vedo/video/preview endpoint, which allows remote authenticated attackers to trigger HTTP requests towards arbitrary remote paths via the "file" URL parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 15.1%
CVSS Severity
CVSS v3 Score 6.5
References
Products affected by CVE-2025-51058
-
cpe:2.3:a:vedo_suite_project:vedo_suite:2024.17