top of page
perceptive_background_267k.jpg

A security vulnerability has been detected in moxi624 Mogu Blog v2 up to 5.2. Affected by this vulnerability is the function LocalFileServiceImpl.uploadPictureB…

Published:

19 april 2026 om 22:00:00

Alert date:

20 april 2026 om 11:01:22

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies

A server-side request forgery (SSRF) vulnerability has been discovered in moxi624 Mogu Blog v2 up to version 5.2. The vulnerability affects the LocalFileServiceImpl.uploadPictureByUrl function in the Picture Storage Service component. The flaw can be exploited remotely and allows attackers to manipulate server-side requests. The exploit has been publicly disclosed and is available for use. The vendor was contacted about the vulnerability but has not responded to the disclosure.

Technical details

Mitigation steps:

Affected products:

moxi624 Mogu Blog

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-6625
https://github.com/ccccccctiiiiiiii-lab/public_exp/issues/3
https://vuldb.com/submit/792417
https://vuldb.com/vuln/358260
https://vuldb.com/vuln/358260/cti

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page