Server-Side Request Forgery in Maccms10 by Maccms Technology
CVE-2025-45475

5.4MEDIUM

Key Information:

Vendor: Maccms Technology
Status: Maccms10
Vendor: CVE Published:; 27 May 2025

🔔 Create Maccms Technology Vulnerability Alert

What is CVE-2025-45475?

The Maccms10 version 2025.1000.4047 by Maccms Technology contains a vulnerability that allows attackers to exploit Server-Side Request Forgery (SSRF) in the Friend Link Management feature. This flaw potentially enables unauthorized access to internal systems and services by sending requests to domain names and resources from the server's perspective. It is crucial for users and administrators to promptly address this issue in order to protect their systems from potential intrusions and data exposure.

References

https://www.yuque.com/morysummer/vx41bz/dzidfm8vn2h5k1lb

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 27, 2025
Vulnerability Reserved
Apr 22, 2025

CVE-2025-45475 Data

JSON