Home

Description

Jizhicms v2.5.4 is vulnerable to Server-Side Request Forgery (SSRF) in User Evaluation, Message, and Comment modules.

PUBLISHED Reserved 2025-06-16 | Published 2026-04-09 | Updated 2026-04-14 | Assigner mitre

References

github.com/Cherry-toto/jizhicms

www.jizhicms.cn

github.com/Cherry-toto/jizhicms/issues/104

cve.org (CVE-2025-50228)

nvd.nist.gov (CVE-2025-50228)

Download JSON