CNNVD-202511-517 Information

CNNVD ID

CNNVD-202511-517

Related CVE

CVE-2025-63551

• CNNVD Published: 2025-11-06

Description (Chinese)

MetInfo CMS是中国米拓（MetInfo）公司的一个内容管理系统。 MetInfo CMS 8.1及之前版本存在安全漏洞，该漏洞源于XML解析逻辑缺陷，可能导致服务器端请求伪造攻击。

Description (English)

MetInfo CMS is a content management system for MetInfo in China. There is a security gap in MetInfo CMS 8.1 and earlier versions, which stems from an XML resolution logic flaw that may lead the server to request a false attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

米拓

Published

2025-11-06

Last Modified

2026-02-24

References

https://github.com/sh4ll0t/SSRF-Vulnerability-in-MetInfo-via-XXE-Injection https://github.com/sh4ll0t/SSRF-Vulnerability-in-MetInfo-via-XXE-Injection/blob/main/README.md https://access.redhat.com/security/cve/cve-2025-63551