CVE-2025-60355
9.8CRITICALzhangyd-c OneBlog before 2.3.9 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates.
Publicado: 10/28/2025Atualizado: 1/8/2026
Descrição
zhangyd-c OneBlog before 2.3.9 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates.
Análise IADesenvolvido por IA
Produtos Afetados
zhydoneblog
Referências
- https://github.com/line2222/vuln/issues/4ExploitIssue TrackingThird Party Advisory