Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/03/29 4:30 a.m.20 views

CVE-2025-2835

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been declared as problematic. Affected by this vulnerability is the function autoLink of the file com/zyd/blog/controller/RestApiController.java. The manipulation leads to server-side request forgery. The attack can be launched...

5.3CVSS7.2AI score0.00323EPSS
Exploits1References1
NVD
NVD
added 2025/03/27 4:15 a.m.27 views

CVE-2025-2835

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been declared as problematic. Affected by this vulnerability is the function autoLink of the file com/zyd/blog/controller/RestApiController.java. The manipulation leads to server-side request forgery. The attack can be launched...

5.3CVSS0.00323EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/03/27 4:0 a.m.6 views

CVE-2025-2835 zhangyd-c OneBlog RestApiController.java autoLink server-side request forgery

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been declared as problematic. Affected by this vulnerability is the function autoLink of the file com/zyd/blog/controller/RestApiController.java. The manipulation leads to server-side request forgery. The attack can be launched...

5.3CVSS4.8AI score0.00323EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/03/27 4:0 a.m.28 views

CVE-2025-2835 zhangyd-c OneBlog RestApiController.java autoLink server-side request forgery

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been declared as problematic. Affected by this vulnerability is the function autoLink of the file com/zyd/blog/controller/RestApiController.java. The manipulation leads to server-side request forgery. The attack can be launched...

5.3CVSS0.00323EPSS
Exploits1References5
CVE
CVE
added 2025/03/27 4:0 a.m.78 views

CVE-2025-2835

The CVE-2025-2835 entry concerns zhangyd-c OneBlog up to version 2.3.9. The vulnerable item is the autoLink function in com/zyd/blog/controller/RestApiController.java, where manipulation can trigger server-side request forgery (SSRF). The issue allows remote exploitation, and public disclosures e...

5.3CVSS6.9AI score0.00323EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder