{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-50228", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-14T16:35:45.324Z", "dateReserved": "2025-06-16T00:00:00.000Z", "datePublished": "2026-04-09T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-09T14:44:40.458Z"}, "descriptions": [{"lang": "en", "value": "Jizhicms v2.5.4 is vulnerable to Server-Side Request Forgery (SSRF) in User Evaluation, Message, and Comment modules."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/Cherry-toto/jizhicms"}, {"url": "https://www.jizhicms.cn"}, {"url": "https://github.com/Cherry-toto/jizhicms/issues/104"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-918", "lang": "en", "description": "CWE-918 Server-Side Request Forgery (SSRF)"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-14T14:40:39.672765Z", "id": "CVE-2025-50228", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T16:35:45.324Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-50228", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-14T14:40:39.672765Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T14:40:28.942Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/Cherry-toto/jizhicms"}, {"url": "https://www.jizhicms.cn"}, {"url": "https://github.com/Cherry-toto/jizhicms/issues/104"}], "descriptions": [{"lang": "en", "value": "Jizhicms v2.5.4 is vulnerable to Server-Side Request Forgery (SSRF) in User Evaluation, Message, and Comment modules."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-09T14:44:40.458Z"}}}, "cveMetadata": {"cveId": "CVE-2025-50228", "state": "PUBLISHED", "dateUpdated": "2026-04-14T16:35:45.324Z", "dateReserved": "2025-06-16T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-04-09T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jizhicms:jizhicms:2.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "3A6DA195-4F19-4389-A7AE-D6782136A2A8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Jizhicms v2.5.4 is vulnerable to Server-Side Request Forgery (SSRF) in User Evaluation, Message, and Comment modules."}], "id": "CVE-2025-50228", "lastModified": "2026-04-14T20:11:40.267", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-09T15:16:07.433", "references": [{"source": "cve@mitre.org", "tags": ["Product"], "url": "https://github.com/Cherry-toto/jizhicms"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking"], "url": "https://github.com/Cherry-toto/jizhicms/issues/104"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://www.jizhicms.cn"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "2.5.4"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "jizhicms", "vendor": "cherry-toto"}], "analysis": {"en": {"generated_at": "2026-04-14T21:40:02.285107+00:00", "value": {"mitigation_remediation": ["Upgrade Jizhicms to the latest available version that addresses SSRF in user modules", "If an upgrade is unavailable, restrict outbound traffic from the web server using firewall rules or proxy settings to prevent access to sensitive internal networks", "Validate and whitelist acceptable URL schemes and domains within the application's code to eliminate untrusted requests", "Patch or disable the vulnerable modules\u2019 URL processing if an immediate update is possible", "Monitor incoming user content for suspicious URLs and audit outbound requests for anomalous destinations"], "summary": {"action": "Immediate Patch", "impact": "Remote server-side request forgery (SSRF) allowing an attacker to manipulate outbound requests initiated by the application"}, "threat_synthesis": {"affected_systems": "Jizhicms Community Edition version 2.5.4 on any web server configuration. No other versions or variants were identified in the provided data. The product is known under the namespace jizhicms:jizhicms, and the vulnerability is tied to its web modules handling user-generated content.", "description_and_impact": "Application logic in Jizhicms 2.5.4 processes URLs supplied by users in the User Evaluation, Message, and Comment modules without validating the destination. An attacker can thus cause the server to send requests to arbitrary internal or external endpoints, potentially exposing sensitive data, facilitating lateral movement, or enabling fetching of resources hidden from the public network. The weakness is classified as CWE\u2011918, which indicates unchecked server-side request handling. The impact encompasses confidentiality and integrity of internal services, potential data exfiltration, and the compromise of the affected server\u2019s trust boundary.", "risk_and_exploitability": "The CVSS score of 9.1 denotes a high severity attack with remote hijacking potential. EPSS indicates the likelihood of exploitation is low (<1%), and the vulnerability is not currently listed in CISA's KEV catalog. Nevertheless, SSRF flaws are routinely exploited in the wild, especially when the application allows arbitrary URLs. An attacker would send a crafted request through the vulnerable module to the target, triggering the server to act as a proxy. No special authentication or privileged access is described in the input, suggesting that the attack could be performed by any external user submitting content to the affected modules."}}}}, "created": "2026-04-10T08:54:07.167985+00:00", "updated": "2026-04-15T16:00:07.813212+00:00", "vendors": ["cherry-toto", "cherry-toto$PRODUCT$jizhicms"]}