CVE-2025-1522

MEDIUM

PostHog < 0.3.7 - Authenticated Server-Side Request Forgery in database_schema Method

Title source: llm

Description

PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the database_schema method. The issue results from the lack of proper validation of a URI prior to accessing resources. An attacker can leverage this vulnerability to disclose information in the context of the service account. Was ZDI-CAN-25358.

References (2)

Core 2

Core References

Third Party Advisory x_research-advisory

https://www.zerodayinitiative.com/advisories/ZDI-25-097/

Patch vendor-advisory

https://github.com/PostHog/posthog/commit/3732c0fd9551ed29521b58611bf1e44d918c1032

View Patch ZIP pw:eip

Scores

CVSS v3 6.5

EPSS 0.0052

EPSS Percentile 39.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-918

Status published

Products (1)

posthog/posthog < 0.3.7

Published Apr 23, 2025

Tracked Since Feb 18, 2026