CNNVD-202511-1742 Information

CNNVD ID

CNNVD-202511-1742

Related CVE

CVE-2025-13174

• CNNVD Published: 2025-11-14

Description (Chinese)

WeRSS是Rachel开源的一个微信公众号系统。 WeRSS 1.4.7及之前版本存在代码问题漏洞，该漏洞源于对组件Webhook Module中参数web_hook_url的错误操作，可能导致服务端请求伪造。

Description (English)

WeRSS is a micro-intelligence public system at Rachel ’ s open source. WeRSS 1.4.7 and previous versions have a code problem loophole, which stems from a mishandling of the parameter in the WebHOk Module component,web hook url, which may lead to the forgery of service requests.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

Rachel

Published

2025-11-14

Last Modified

2026-02-24

References

https://vuldb.com/?submit.684803 https://vuldb.com/?ctiid.332465 https://www.notion.so/SSRF-vulnerability-in-WeRSS-WebHook-module-29bea92a3c4180a192b5caa9078bfb18 https://vuldb.com/?id.332465 https://access.redhat.com/security/cve/cve-2025-13174