| शीर्षक | yanyutao0402 https://gitee.com/yanyutao0402/ChanCMS <3.1.3 SSRF |
|---|
| विवरण | SSRF vulnerability on /cms/gather/getArticle
In the network access functionality, the target URL is user-controllable and lacks sufficient security handling, thus allowing attackers to exploit SSRF vulnerabilities to access internal hosts and services. |
|---|
| स्रोत | ⚠️ https://gitee.com/yanyutao0402/ChanCMS/issues/ICLP1K |
|---|
| उपयोगकर्ता | ZAST.AI (UID 87884) |
|---|
| सबमिशन | 21/07/2025 02:22 PM (11 महीनों पहले) |
|---|
| संयम | 24/07/2025 05:44 PM (3 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 317529 [yanyutao0402 ChanCMS तक 3.1.2 gather.js getArticle targetUrl अधिकार वृद्धि] |
|---|
| अंक | 17 |
|---|