PT-2025-30343 · Manager Io · Imanager

Kr1Shna4Garwal · Published 2025-07-21 · Updated 2025-07-23 · CVE-2025-54122

CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Manager-io/Manager versions up to and including 25.7.18.2519

Description

Manager-io/Manager is accounting software with a critical unauthenticated Server-Side Request Forgery (SSRF) vulnerability identified in the proxy handler component. This vulnerability allows an unauthenticated attacker to bypass network isolation and access restrictions, potentially enabling access to internal services, cloud metadata endpoints, and the exfiltration of sensitive data from isolated network segments.

Recommendations

Update to version 25.7.21.2525 or later.

Exploit

Fix

SSRF

Weakness Enumeration

Related Identifiers

CVE-2025-54122
GHSA-347W-CGWH-M895

Affected Products

Imanager