Vulnetix
Try Vulnetix Request Demo
GCVE-VVD-NCSC-2025-375
Advisory PublishedCVSS 5.3/10
Vulnetix · Advisory published November 21, 2025
A Server-Side Request Forgery (SSRF) vulnerability exists in Progress MOVEit Transfer, impacting versions prior to 2024.1.8 and from 2025.0.0 to before 2025.0.4.
Download JSON Open in Console

Weaknesses (CWE)

CWE-918Server-Side Request Forgery (SSRF)

Risk Scores

CVSS 3.1
5.3/10
Medium · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products

VendorProductVersionsPlatforms
Progressvers:unknown/*

Aliases

CVE-2025-13147

Transitive aliases

VVD-CISA-2025-13147GHSA-4hw6-j957-chcwEUVD-2025-198167

References

advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON