Submit #622171: yanyutao0402 https://gitee.com/yanyutao0402/ChanCMS <3.1.3 SSRFinfo

Titleyanyutao0402 https://gitee.com/yanyutao0402/ChanCMS <3.1.3 SSRF
DescriptionSSRF vulnerability on the /cms/collect/getPages. In the network access functionality, the target URL is user-controllable and lacks sufficient security handling, thus allowing attackers to exploit SSRF vulnerabilities to access internal hosts and services.
Source⚠️ https://gitee.com/yanyutao0402/ChanCMS/issues/ICLP28
User
 ZAST.AI (UID 87884)
Submission07/25/2025 03:21 (9 months ago)
Moderation07/26/2025 15:08 (1 day later)
StatusAccepted
VulDB entry317816 [yanyutao0402 ChanCMS up to 3.1.2 /cms/collect/getPages targetUrl server-side request forgery]
Points17

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!