← Back

CVE-2025-65836

nvd nist
Published: Dec 1, 2025Modified: Dec 4, 2025

JSON object

Loading...
9.1
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Exploitability: 3.9 / Impact: 5.2
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

PublicCMS V5.202506.b is vulnerable to SSRF. in the chat interface of SimpleAiAdminController.

Affected (1)

Products: Publiccms: Publiccms
Publiccms
1 product
Publiccms
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Publiccms
Version 5.202506.b

Related CWEs

CWE-918
Server-Side Request Forgery (SSRF)
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

References (5)

Source: cve@mitre.org
ExploitThird Party Advisory
Source: cve@mitre.org
Product
Source: cve@mitre.org
ExploitIssue Tracking
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
ExploitThird Party Advisory
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
ExploitIssue Tracking

Timeline

No history available yet.