CVE List

CVE-2021-39497

Severe 9.8

eyoucms 1.5.4 lacks sanitization of input data, allowing an attacker to inject a url to trigger blind SSRF via the saveRemote() function.

Published September 7, 2021.

Affected software

Reference links

Sign Up for Alerts