Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Oct 28, 2025· Updated Mar 4, 2026

CVE-2025-60355

CVE-2025-60355

Description

zhangyd-c OneBlog v2.3.9 and before was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates.

Affected products

2

zhangyd-c/OneBlogdescription
zhangyd-c/OneBlogllm-create
Range: <=2.3.9

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

github.com/line2222/vuln/issues/4mitre

News mentions

0

No linked articles in our index yet.