Server-Side Request Forgery Vulnerability in Maccms10 Product by Maccms
CVE-2025-45474

7.3HIGH

Key Information:

Vendor: Maccms
Status: Maccms10
Vendor: CVE Published:; 29 May 2025

What is CVE-2025-45474?

The Maccms10 product (version v2025.1000.4047) is affected by a Server-side Request Forgery (SSRF) vulnerability in its Email Settings feature. This flaw allows an attacker to manipulate requests sent from the server, potentially exposing sensitive information or allowing access to restricted resources. Organizations using this version are advised to implement security measures to mitigate potential exploitation risks.

References

https://www.yuque.com/morysummer/vx41bz/ptnnp4eema601rvz

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 29, 2025
Vulnerability Reserved
Apr 22, 2025

CVE-2025-45474 Data

JSON