Dayrui XunRuiCMS is an enterprise content management system used by some organizations. This vulnerability allows attackers to manipulate server-side request forgery (SSRF), potentially initiating a remote attack without user interaction or authentication.
You're affected if you use A flaw. Affected versions: 4.7.1 If you don't recognise this software, you're probably not affected.
To fix this vulnerability, upgrade to Dayrui XunRuiCMS version 2022.1.0 or later. You can download the patch from the vendor's website: https://dayruicms.com/download/ (Please note that the vendor has not publicly released a patch for earlier versions; contact them directly for assistance.)
Immediate mitigations: