PT-2025-31058 · Yanyutao0402 · Chancms

Zast.Ai · Published 2025-07-28 · Updated 2025-07-28 · CVE-2025-8266

CVSS v2.0: 6.5 (Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)

Name of the Vulnerable Software and Affected Versions:

yanyutao0402 ChanCMS versions through 3.1.2

Description:

A critical vulnerability exists in yanyutao0402 ChanCMS. Manipulating the `targetUrl` argument of the `getArticle` function in `app/modules/cms/controller/collect.js` leads to deserialization of untrusted data. The issue can be exploited remotely, and the exploit has been publicly disclosed.

Recommendations:

Upgrade to version 3.1.3 to address this issue.

Exploit

Fix

RCE

Deserialization of Untrusted Data

Weakness Enumeration

Related Identifiers:

CVE-2025-8266

Affected Products:

Chancms