CNNVD-202508-273 Information
Aug 04, 2025
cve
CNNVD ID
CNNVD-202508-273
Related CVE
- CNNVD Published: 2025-08-04
Description (Chinese)
favorites-web(云收藏)是cloudfavorites开源的一个使用 Spring Boot 构建的开源网站。 favorites-web 1.3.0及之前版本存在代码问题漏洞,该漏洞源于对参数url的错误操作导致服务端请求伪造。
Description (English)
Favorites-web (the cloud collection) is an open-source site built using Spring Boot. Favorites-web 1.3.0 and previous versions had a code problem loophole, which stemmed from an error in the operation of the parameter url, which led to the forgery of the service request.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
cloudfavorites
Published
2025-08-04
Last Modified
2026-02-24
References
https://github.com/cloudfavorites/favorites-web/issues/134 https://github.com/cloudfavorites/favorites-web/issues/134#issue-3252105130 https://vuldb.com/?ctiid.318655 https://vuldb.com/?submit.622176 https://vuldb.com/?id.318655 https://access.redhat.com/security/cve/cve-2025-8529
Share on: