إرسال #658253: Jinher OA V2.0 XML External Entity Referenceالمعلومات

عنوانJinher OA V2.0 XML External Entity Reference
الوصفAn XXE injection vulnerability was found in the " /c6/Jhsoft.Web.module/ToolBar/ManageWord.aspx/?text=GetUrl&style=1 " endpoint of Jinhe OA system. The application processes XML input without proper validation or disabling of external entity references. This allows attackers to include malicious external entities in XML documents processed by the server.
المصدر⚠️ https://github.com/frwfxc123/CVE/issues/1
المستخدم
 ffff1123 (UID 90453)
ارسال18/09/2025 05:21 PM (10 أشهر منذ)
الاعتدال26/09/2025 10:50 AM (8 days later)
الحالةتمت الموافقة
إدخال VulDB325982 [Jinher OA 2.0 ?text=GetUrl&style=1 XML External Entity]
النقاط18

Do you know our Splunk app?

Download it now for free!