CVE-2025-13789 | ZenTao up to 21.7.6-8564 module/ai/model.php makeRequest Base server-side request forgery

A vulnerability was found in ZenTao up to 21.7.6-8564 and classified as critical. This affects the function makeRequest of the file module/ai/model.php. The manipulation of the argument Base results in server-side request forgery.

This vulnerability is reported as CVE-2025-13789. The attack can be launched remotely. Moreover, an exploit is present.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More