CNNVD-202512-131 Information

CNNVD ID

CNNVD-202512-131

Related CVE

CVE-2025-13813

• CNNVD Published: 2025-12-01

Description (Chinese)

Mogu blog（蘑菇博客）是中国Streamlet个人开发者的一个基于微架构的前后端共享博客系统。 Mogu blog v2 5.2及之前版本存在安全漏洞，该漏洞源于组件Storage Management Endpoint中文件/storage/缺少授权检查，可能导致未经授权的访问。

Description (English)

Mogublog (Frooms Blog) is a micro-structure-based, back-to-back, blog-sharing system for Chinese Streamlet personal developers. There is a security loophole in Mogu blog v2 5.2 and previous versions, which stems from the document/storage/lack of authorized inspection of the component Storage Management Endpoint, which may lead to unauthorized access.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-12-01

Last Modified

2026-02-24

References

https://vuldb.com/?id.333822 https://github.com/Xzzz111/exps/blob/main/archives/mogu_blog_v2-broken_access_control-1/report.md#proof-of-concept https://vuldb.com/?submit.692104 https://vuldb.com/?ctiid.333822 https://access.redhat.com/security/cve/cve-2025-13813