CVE-2025-10787

Sažetak

A vulnerability was found in MuYuCMS up to 2.7. Impacted is an unknown function of the file /index/index.html of the component Add Fiend Link Handler. Performing manipulation of the argument Link URL results in server-side request forgery. The attack may be initiated remotely. The exploit has been made public and could be used.

Reference

https://gitee.com/MuYuCMS/MuYuCMS/issues/ICXV34
https://vuldb.com/?ctiid.325144
https://vuldb.com/?id.325144
https://vuldb.com/?submit.653888
https://gitee.com/MuYuCMS/MuYuCMS/issues/ICXV34

CVSS

Base:	6.5
Impact:	6.4
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

22-09-2025 - 21:22

Objavljeno

22-09-2025 - 07:15