CNNVD-202510-3798 Information

CNNVD ID

CNNVD-202510-3798

Related CVE

CVE-2025-60355

• CNNVD Published: 2025-10-28

Description (Chinese)

OneBlog是yadong.zhang个人开发者的一个漂亮、功能强大的Java博客。 OneBlog 2.3.9之前版本存在安全漏洞，该漏洞源于FreeMarker模板存在服务器端模板注入。

Description (English)

OneBlog is a beautiful and powerful Java blog by Yadong.zhang personal developer. There was a security gap in the previous version of OneBlog 2.3.9, which resulted from the injection of the FreeMarter template with a server-end template.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-10-28

Last Modified

2026-02-24

References

https://github.com/line2222/vuln/issues/4 https://access.redhat.com/security/cve/cve-2025-60355