提交 #645805: magicblack MacCMSv10 v2025.1000.4050 SSRF
| 标题 | magicblack MacCMSv10 v2025.1000.4050 SSRF |
|---|---|
| 描述 | The root cause is that the back-end code receives a user-controllable URL parameter and, without performing strict security validation, directly uses this URL to initiate a network request on behalf of the server itself. |
| 来源 | ⚠️ https:/ |
| 用户 | Yu Bao (UID 88956) |
| 提交 | 2025-09-02 16時45分 (8 月前) |
| 管理 | 2025-09-13 19時29分 (11 days later) |
| 状态 | 已接受 |
| VulDB条目 | 323832 [Magicblack MacCMS 2025.1000.4050 API cjurl 权限提升] |
| 积分 | 17 |