{"id":"CVE-2021-27693","details":"Server-side Request Forgery (SSRF) vulnerability in PublicCMS before 4.0.202011.b via /publiccms/admin/ueditor when the action is catchimage.","modified":"2026-04-12T02:44:57.996157Z","published":"2022-09-02T18:15:11.687Z","references":[{"type":"REPORT","url":"https://github.com/sanluan/PublicCMS/issues/51"},{"type":"FIX","url":"https://github.com/sanluan/PublicCMS/commit/0f4c4872914b6a71305e121a7d9a19c07cde0338"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/sanluan/publiccms","events":[{"introduced":"0"},{"fixed":"c7ea0de73f02bfd15b34f292c19aec995aac4b92"},{"fixed":"0f4c4872914b6a71305e121a7d9a19c07cde0338"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"fixed":"4.0.202011.b"}],"source":["CPE_FIELD","REFERENCES"],"cpe":"cpe:2.3:a:publiccms:publiccms:*:*:*:*:*:*:*:*"}}],"versions":["V2016","V4.0.180707","V4.0.181024","V4.0.190312","V4.0.202004"],"database_specific":{"vanir_signatures":[{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"192039935373006367014661931540540476365","length":1694},"id":"CVE-2021-27693-2d633050","target":{"function":"catchimage","file":"publiccms-parent/publiccms-core/src/main/java/com/publiccms/controller/admin/sys/UeditorAdminController.java"},"source":"https://github.com/sanluan/publiccms/commit/0f4c4872914b6a71305e121a7d9a19c07cde0338","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["141326919820996564797013155226213795623","78845168295621787340183449689069356993","269010254346367733320404006937166127746","298592195030615098786519984137948389252","61989723236335373360057439079114747445","58957340141528407110014582547817840001","165468996588821184815445960609625917276","276514388446542247011671659203140782132","71374255232051737259711179155187490650","165401202299429695862386331358726564060"]},"id":"CVE-2021-27693-5b20876b","target":{"file":"publiccms-parent/publiccms-core/src/main/java/com/publiccms/controller/admin/sys/UeditorAdminController.java"},"source":"https://github.com/sanluan/publiccms/commit/0f4c4872914b6a71305e121a7d9a19c07cde0338","signature_type":"Line"},{"deprecated":false,"signature_version":"v1","digest":{"function_hash":"233227836319576122985486019302934886378","length":387},"id":"CVE-2021-27693-ae8c3f2e","target":{"function":"GetTemplateResultMethod","file":"publiccms-parent/publiccms-core/src/main/java/com/publiccms/views/method/tools/GetTemplateResultMethod.java"},"source":"https://github.com/sanluan/publiccms/commit/c7ea0de73f02bfd15b34f292c19aec995aac4b92","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["245468747923729660101904483821063441514","87605925112921678046830315410915127285","95722159187449082608616798773208732170","299615010879116396561290742767980534578","58039849673713423896836921152444072255","156149154206116312392191016600537841377","326791870532611481503806934559336726607"]},"id":"CVE-2021-27693-ec4cfe2b","target":{"file":"publiccms-parent/publiccms-core/src/main/java/com/publiccms/views/method/tools/GetTemplateResultMethod.java"},"source":"https://github.com/sanluan/publiccms/commit/c7ea0de73f02bfd15b34f292c19aec995aac4b92","signature_type":"Line"}],"vanir_signatures_modified":"2026-04-12T02:44:57Z","source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-27693.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}