| 제목 | yanyutao0402 ChanCMS V3.3.0 Unauthorized SSRF |
|---|
| 설명 | The getPages and getArticle methods in CollectController both get the URL from the request body and call collect.common to get the contents of the URL. In the getPages method, the targetUrl parameter has been verified by the isValidTargetUrl function. However, in the getArticle method, the taskUrl parameter is not validated by isValidTargetUrl before being passed to collect.common. |
|---|
| 원천 | ⚠️ https://github.com/August829/Yu/blob/main/58ead8e7e08bfb0e7.md |
|---|
| 사용자 | Yu_Bao (UID 89348) |
|---|
| 제출 | 2025. 08. 22. PM 12:19 (10 개월 ago) |
|---|
| 모더레이션 | 2025. 09. 10. PM 12:24 (19 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 323484 [yanyutao0402 ChanCMS 3.3.0 /cms/collect/getArticle CollectController taskUrl 권한 상승] |
|---|
| 포인트들 | 20 |
|---|