VYPR
Unrated severityNVD Advisory· Published Oct 28, 2025· Updated Mar 4, 2026

CVE-2025-60355

CVE-2025-60355

Description

zhangyd-c OneBlog v2.3.9 and before was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates.

Affected products

2
  • zhangyd-c/OneBlogcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <=2.3.9

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.