Soumettre #619777: yanyutao0402 https://gitee.com/yanyutao0402/ChanCMS <3.1.3 SSRFinformation

Titreyanyutao0402 https://gitee.com/yanyutao0402/ChanCMS <3.1.3 SSRF
DescriptionSSRF vulnerability on /cms/gather/getArticle In the network access functionality, the target URL is user-controllable and lacks sufficient security handling, thus allowing attackers to exploit SSRF vulnerabilities to access internal hosts and services.
La source⚠️ https://gitee.com/yanyutao0402/ChanCMS/issues/ICLP1K
Utilisateur
 ZAST.AI (UID 87884)
Soumission21/07/2025 14:22 (il y a 11 mois)
Modérer24/07/2025 17:44 (3 days later)
StatutAccepté
Entrée VulDB317529 [yanyutao0402 ChanCMS jusqu’à 3.1.2 gather.js getArticle targetUrl élévation de privilèges]
Points17

PrécédentAperçuSuivant

Do you want to use VulDB in your project?

Use the official API to access entries easily!