Home

Description

zhangyd-c OneBlog before 2.3.9 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates.

PUBLISHED Reserved 2025-09-26 | Published 2025-10-28 | Updated 2025-10-29 | Assigner mitre

References

github.com/line2222/vuln/issues/4

cve.org (CVE-2025-60355)

nvd.nist.gov (CVE-2025-60355)

Download JSON