CVE-2025-10395

Name of the Vulnerable Software and Affected Versions: Magicblack MacCMS version 2025.1000.4050

Description: A server-side request forgery issue exists in the col url function of the Scheduled Task Handler component. Manipulation of the cjurl argument can trigger the issue, allowing for remote attacks.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.