| Title | JiZhiCMS 2.4.5 is vulnerable to Server-side request forgery (SSRF) |
|---|
| Description | A vulnerability has been discovered in JiZhiCMS. This affects the index function in the file TemplateController.php. Manipulation of parameters leads to SSRF.
The problem is in the Index function in TemplateController.php, we can control the set and webapi parameters can be customized to add an address and then visit Template/index can be triggered. |
|---|
| Source | ⚠️ https://github.com/HuBenLab/HuBenVulList/blob/main/JiZhiCMS%20is%20vulnerable%20to%20Server-side%20request%20forgery%20(SSRF).md |
|---|
| User | p0ison (ID 37575) |
|---|
| Submission | 25.05.2023 08:51 (12 months ago) |
|---|
| Moderation | 27.05.2023 09:37 (2 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Entry | 230082 |
|---|