CVE-2025-2833 Information

Description

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been classified as problematic. Affected is an unknown function of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to inefficient regular expression complexity. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Reference

https://github.com/zhangyd-c/OneBlog/issues/35 https://github.com/zhangyd-c/OneBlog/issues/35 https://github.com/zhangyd-c/OneBlog/issues/35#issue-2914268214 https://github.com/zhangyd-c/OneBlog/issues/35#issue-2914268214 https://vuldb.com/?ctiid.301470 https://vuldb.com/?id.301470 https://vuldb.com/?submit.521813