Enviar #654466: Jinher OA V2.0 XML External Entity Referenceinformación

Título	Jinher OA V2.0 XML External Entity Reference
Descripción	During security testing of Jinhe OA system, a critical XXE injection vulnerability was discovered in the GetWordFileName.aspx endpoint. This vulnerability allows unauthenticated attackers to send specially crafted XML documents containing external entity references. The server processes these entities, enabling data exfiltration through out-of-band techniques.
Fuente	⚠️ https://github.com/1296299554/CVE/issues/1
Usuario	lanyuejian (UID 90154)
Sumisión	2025-09-15 13:51 (hace 9 meses)
Moderación	2025-09-21 12:49 (6 days later)
Estado	Aceptado
Entrada de VulDB	325174 [Jinher OA 2.0 XML ?text=GetUrl&style=add XML External Entity]
Puntos	18

Want to stay up to date on a daily basis?

Enable the mail alert feature now!