إرسال #685626: https://gitee.com/bestfeng/oa_git_free oa_git_free 8.0 XML external entity injectionالمعلومات

عنوانhttps://gitee.com/bestfeng/oa_git_free oa_git_free 8.0 XML external entity injection
الوصفThe cloud network collaborative office system has XML external entity injection. When inputting XML, there is no prohibition on loading external entities, which can result in loading malicious external files, causing harm such as file reading, command execution, internal port scanning, and attacking internal websites.
المصدر⚠️ https://github.com/bkglfpp/CVE-md/blob/main/%E4%BA%91%E7%BD%91%E5%8D%8F%E5%90%8C%E5%8A%9E%E5%85%AC%E7%B3%BB%E7%BB%9F/XXE.md
المستخدم
 youran (UID 89737)
ارسال30/10/2025 10:00 AM (9 أشهر منذ)
الاعتدال14/11/2025 08:01 PM (15 days later)
الحالةتمت الموافقة
إدخال VulDB332528 [bestfeng oa_git_free حتى 9.5 WorkflowPredefineController.java updateWriteBack writeProp XML External Entity]
النقاط18

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!