제출 #497603: iteachyou Dreamer CMS 4.1.3 Server-Side Request Forgery정보

제목iteachyou Dreamer CMS 4.1.3 Server-Side Request Forgery
설명A Server-Side Request Forgery (SSRF) vulnerability exists in the iframe embedding functionality in the article editor (编辑文章) of Dreamer CMS 4.1.3. This vulnerability arises because the application allows authenticated backend users to embed iframes with arbitrary src values using the article editor (编辑文章). An authenticated attacker can exploit this functionality to force the server to make unauthorized requests to external targets, potentially exposing sensitive information or enabling further attacks.
원천⚠️ https://github.com/cydtseng/Vulnerability-Research/blob/main/dreamercms/ServerSideRequestForgery-ArticleEditorIframe.md
사용자
 vastzero (UID 78767)
제출2025. 02. 10. PM 05:10 (1 년도 ago)
모더레이션2025. 02. 21. AM 11:38 (11 days later)
상태중복
VulDB 항목296494 [iteachyou Dreamer CMS 4.1.3 /admin/archives/edit editorValue/answer/content 크로스 사이트 스크립팅]
포인트들0

Interested in the pricing of exploits?

See the underground prices here!