CNNVD-202507-2839 Information

CNNVD ID

CNNVD-202507-2839

Related CVE

CVE-2025-7949

• CNNVD Published: 2025-07-22

Description (Chinese)

PublicCMS是中国PublicCMS公司的一套使用Java语言编写的开源内容管理系统（CMS）。 PublicCMS 5.202506.a及之前版本存在安全漏洞，该漏洞源于对文件preview.html中参数url的错误操作导致开放重定向。

Description (English)

PublicCMS is an open-source content management system (CMS) developed in Java by PublicCMS, China. PublicCMS 5.20206.a and previous versions had a security loophole, which stemmed from an error in the url parameter in the preview.html document, which resulted in open redirection.

Hazard Level

Critical

Vulnerability Type

输入验证错误

Affected Vendor

PublicCMS

Published

2025-07-22

Last Modified

2026-02-24

References

https://github.com/sanluan/PublicCMS/issues/87 https://vuldb.com/?submit.619278 https://github.com/sanluan/PublicCMS/commit/c1e79f124e3f4c458315d908ed7dee06f9f12a76 https://vuldb.com/?id.317095 https://vuldb.com/?ctiid.317095 https://nvd.nist.gov/vuln/detail/CVE-2025-7949 https://access.redhat.com/security/cve/cve-2025-7949