CVE-2023-2927

Name of the Vulnerable Software and Affected Versions JIZHICMS version 2.4.5

Description A critical issue has been found, affecting the index function of the TemplateController.php file. The manipulation of the webapi argument leads to server-side request forgery, allowing for remote attacks.

Recommendations For JIZHICMS version 2.4.5, consider disabling the index function of the TemplateController.php file or restricting the use of the webapi argument until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.