CVE-2025-25785

Publication date

2025-02-26 00:00:00

Family

mitre

State

PUBLISHED

Description

JizhiCMS v2.5.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the component cPluginsController.php. This vulnerability allows attackers to perform an intranet scan via a crafted request.