CVE-2025-60355
9.8CRITICALzhangyd-c OneBlog before 2.3.9 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates.
Publicado: 10/28/2025Actualizado: 1/8/2026
Descripción
zhangyd-c OneBlog before 2.3.9 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates.
Análisis IAImpulsado por IA
Productos Afectados
zhydoneblog
Referencias
- https://github.com/line2222/vuln/issues/4ExploitIssue TrackingThird Party Advisory