CVE-2025-64752
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-64752, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-11-13

Last updated on: 2025-11-26

Assigner: GitHub, Inc.

Description

grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a user with access to any document on a Grist installation can use a feature for fetching from a URL that is executed on the server. The privileged network access of server-side requests could offer opportunities for attack escalation. This issue is fixed in version 1.7.7. The mitigation was to use the proxy for untrusted fetches intended for such purposes. As a workaround, avoid making http/https endpoints available to an instance running Grist that expose credentials or operate without credentials.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-11-13
Last Modified
2025-11-26
Generated
2026-07-06
AI Q&A
2025-11-13
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
getgrist grist-core to 1.7.7 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability in grist-core (prior to version 1.7.7) allows any user with access to a document to use a feature that fetches URLs executed on the server. Because these server-side requests have privileged network access, this can be exploited to escalate attacks. The issue is fixed by using a proxy for untrusted fetches in version 1.7.7.

Impact Analysis

The vulnerability can allow an attacker with document access to perform server-side requests with privileged network access, potentially escalating attacks within the network. This could lead to unauthorized access to internal resources or sensitive data if the server fetches URLs that expose credentials or operate without credentials.

Mitigation Strategies

To mitigate this vulnerability immediately, upgrade grist-core to version 1.7.7 or later. As a workaround, avoid making http/https endpoints available to the Grist instance that expose credentials or operate without credentials. Additionally, ensure that untrusted fetches use the proxy feature introduced in version 1.7.7 to prevent server-side request exploitation.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-64752. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart