CVE-2025-10787

Name of the Vulnerable Software and Affected Versions MuYuCMS versions prior to 2.7

Description A server-side request forgery condition exists in MuYuCMS. The issue is located in an unknown function within the /index/index.html file of the Add Fiend Link Handler component. Manipulation of the Link URL argument can trigger the issue, allowing for remote attacks. The exploit has been publicly released.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.