| Título | yanyutao0402 ChanCMS V3.3.0 Unauthorized SSRF |
|---|
| Descripción | The getPages and getArticle methods in CollectController both get the URL from the request body and call collect.common to get the contents of the URL. In the getPages method, the targetUrl parameter has been verified by the isValidTargetUrl function. However, in the getArticle method, the taskUrl parameter is not validated by isValidTargetUrl before being passed to collect.common. |
|---|
| Fuente | ⚠️ https://github.com/August829/Yu/blob/main/58ead8e7e08bfb0e7.md |
|---|
| Usuario | Yu_Bao (UID 89348) |
|---|
| Sumisión | 2025-08-22 12:19 (hace 10 meses) |
|---|
| Moderación | 2025-09-10 12:24 (19 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 323484 [yanyutao0402 ChanCMS 3.3.0 /cms/collect/getArticle CollectController taskUrl escalada de privilegios] |
|---|
| Puntos | 20 |
|---|