CVE-2025-60319

Published: Oct 30, 2025

Modified: Oct 30, 2025

PUBLISHED

Description

PerfreeBlog v4.0.11 is vulnerable to Server-Side Request Forgery due to a missing authorization check in the uploadAttachByUrl API endpoint (AttachController.java).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/PerfreeBlog/PerfreeBlog/issues/20

https://github.com/PerfreeBlog/PerfreeBlog/commit/103c79165e3a41a1729188fdc8a1e90c97c0a06d

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-60319

Description

Affected Products

References