| Title | magicblack MacCMSv10 v2025.1000.4050 SSRF |
|---|
| Description | The root cause is that the back-end code receives a user-controllable URL parameter and, without performing strict security validation, directly uses this URL to initiate a network request on behalf of the server itself. |
|---|
| Source | ⚠️ https://github.com/August829/Yu/blob/main/58ead8e7e08bfb018.md |
|---|
| User | Yu Bao (UID 88956) |
|---|
| Submission | 09/02/2025 16:45 (8 months ago) |
|---|
| Moderation | 09/13/2025 19:29 (11 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 323832 [Magicblack MacCMS 2025.1000.4050 API cjurl server-side request forgery] |
|---|
| Points | 17 |
|---|