CVE-2025-25785 Information

Description

JizhiCMS v2.5.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the component \c\PluginsController.php. This vulnerability allows attackers to perform an intranet scan via a crafted request.

Reference

http://jizhicms.com https://www.jizhicms.cn/