| Title | China Shanghai Lingdang Information Technology Lingdang CRM <= V8.6.5.4 Server-Side Request Forgery |
|---|
| Description | In the latest version of LingDang CRM<=V8.6.5.4, it is vulnerable to server-side request forgery attacks. This allows unauthenticated attackers to make web requests to any location originating from web applications, which can be used to query and modify information from internal services. |
|---|
| Source | ⚠️ https://github.com/jackyliu666/dingtalk |
|---|
| User | paatiw (UID 32385) |
|---|
| Submission | 08/18/2025 18:33 (10 months ago) |
|---|
| Moderation | 09/09/2025 18:02 (22 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 323233 [Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.5.4 index_event.php corpurl server-side request forgery] |
|---|
| Points | 18 |
|---|