CVE-2025-8227 | yanyutao0402 ChanCMS up to 3.1.2 /collect/getArticle taskUrl deserialization (ICLP81)

Inserito da Angelo Barbosa | Lug 26, 2025 | CVE

A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /collect/getArticle. The manipulation of the argument taskUrl leads to deserialization.

This vulnerability is known as CVE-2025-8227. The attack can be launched remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2025-8227 | yanyutao0402 ChanCMS up to 3.1.2 /collect/getArticle taskUrl deserialization (ICLP81)

Post correlati

CVE-2015-10127 | PlusCaptcha Plugin up to 2.0.6 on WordPress cross site scripting

CVE-2024-1792 | CMB2 Plugin up to 2.10.1 on WordPress code injection

CVE-2024-22213 | NextCloud Deck up to 1.9.4/1.11.1 Organization cross site scripting (GHSA-mg7w-x9fm-9wwc)

CVE-2023-50212 | D-Link G416 httpd information disclosure (ZDI-23-1828)