VYPR
Medium severity4.7NVD Advisory· Published Sep 14, 2025· Updated Apr 29, 2026

CVE-2025-10397

CVE-2025-10397

Description

A vulnerability was identified in Magicblack MacCMS 2025.1000.4050. This affects an unknown part of the component API Handler. The manipulation of the argument cjurl leads to server-side request forgery. The attack can be initiated remotely. The exploit is publicly available and might be used.

Affected products

2
  • Maccms/Maccms2 versions
    cpe:2.3:a:maccms:maccms:10.0:2025.1000.4050:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:maccms:maccms:10.0:2025.1000.4050:*:*:*:*:*:*
    • (no CPE)range: = 2025.1000.4050

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.