PT-2025-48542 · Publiccms · Publiccms
Published: 2025-12-01 · Updated: 2025-12-02 · CVE-2025-65836
CVSS v3.1: 9.1 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions
PublicCMS version 5.202506.b
Description
PublicCMS version 5.202506.b is susceptible to a Server-Side Request Forgery (SSRF) condition in the chat interface of the SimpleAiAdminController. SSRF occurs when an application makes requests to unintended locations, potentially exposing internal resources or allowing an attacker to perform actions on behalf of the server.
Recommendations
Apply a fix for PublicCMS version 5.202506.b to address the SSRF issue in the SimpleAiAdminController chat interface.
Exploit
Fix
SSRF
Weakness Enumeration
Related Identifiers
Affected Products
Publiccms