CVE-2025-64752

Published: Nov 13, 2025

Modified: Nov 14, 2025

PUBLISHED

CVSS v3.1

6.8

MEDIUM

Description

grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a user with access to any document on a Grist installation can use a feature for fetching from a URL that is executed on the server. The privileged network access of server-side requests could offer opportunities for attack escalation. This issue is fixed in version 1.7.7. The mitigation was to use the proxy for untrusted fetches intended for such purposes. As a workaround, avoid making http/https endpoints available to an instance running Grist that expose credentials or operate without credentials.

Vendor	Product	Versions
gristlabs	grist-core	affected `< 1.7.7`

Weaknesses (CWE)

CWE-918

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

None

Availability

None

References

https://github.com/gristlabs/grist-core/security/advisories/GHSA-qh95-2qv8-pqx3

x_refsource_CONFIRM

https://github.com/gristlabs/grist-core/releases/tag/v1.7.7

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-64752

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References