2 matches found
CVE-2025-10211
creationtimestamp| type| source ---|---|--- 2025-11-29 09:41:41+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-10211.yaml 2025-12-01 21:02:40+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3m6xda5ntpo2f 2026-02-02...
CVE-2025-10211
ChanCMS 3.3.0 contains a server-side request forgery in the CollectController, triggered by manipulating the taskUrl parameter in /cms/collect/getArticle. The issue allows remote attackers to make arbitrary requests from the server. Public disclosures and a Nuclei template detail this SSRF, descr...