Vulnerability Details: Title: Sichuan Xunrui Cloud Software Development Co., Ltd xunruicms <=4.7.1 URL redirection causing remote XSS Description: In the backend of the xunruicms framework, after setting up settings - domain binding - project domain - computer domain name change, SSRF exists in the module: mobile domain name change - preview website. This vulnerability exists in versions<=4.7.1. Source: GitHub Link User: nobb (UID 77370) Submission Date: 11/11/2025 02:21 PM (23 days ago) Moderation Date: 12/04/2025 09:11 AM (23 days later) Status: Accepted VulDB Entry: 334249 (dayrui XunRuiCMS up to 4.7.1 Domain Name Binding Page admin79f2ec220c7e.php?c=api&m=demo&name=mobile cross site scripting) Points: 17