CNNVD-202512-040 Information

CNNVD ID

CNNVD-202512-040

Related CVE

CVE-2025-65836

• CNNVD Published: 2025-12-01

Description (Chinese)

PublicCMS是中国PublicCMS公司的一套使用Java语言编写的开源内容管理系统（CMS）。 PublicCMS V5.202506.b版本存在安全漏洞，该漏洞源于SimpleAiAdminController聊天接口存在服务端请求伪造。

Description (English)

PublicCMS is an open-source content management system (CMS) developed in Java by PublicCMS, China. PublicCMS V5.20206.b contains a security loophole, which stems from the existence of a service request for forgery of the SimpleAi AdminController chat interface.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

PublicCMS

Published

2025-12-01

Last Modified

2026-02-24

References

https://github.com/Hyperkopite/PublicCMS_Vulns/blob/main/SSRF_1.md https://github.com/sanluan/PublicCMS https://github.com/sanluan/PublicCMS/issues/99 https://access.redhat.com/security/cve/cve-2025-65836

Patch

https://github.com/sanluan/PublicCMS/releases