Enviar #685626: https://gitee.com/bestfeng/oa_git_free oa_git_free 8.0 XML external entity injectioninformación

Títulohttps://gitee.com/bestfeng/oa_git_free oa_git_free 8.0 XML external entity injection
DescripciónThe cloud network collaborative office system has XML external entity injection. When inputting XML, there is no prohibition on loading external entities, which can result in loading malicious external files, causing harm such as file reading, command execution, internal port scanning, and attacking internal websites.
Fuente⚠️ https://github.com/bkglfpp/CVE-md/blob/main/%E4%BA%91%E7%BD%91%E5%8D%8F%E5%90%8C%E5%8A%9E%E5%85%AC%E7%B3%BB%E7%BB%9F/XXE.md
Usuario
 youran (UID 89737)
Sumisión2025-10-30 10:00 (hace 9 meses)
Moderación2025-11-14 20:01 (15 days later)
EstadoAceptado
Entrada de VulDB332528 [bestfeng oa_git_free hasta 9.5 WorkflowPredefineController.java updateWriteBack writeProp XML External Entity]
Puntos18

Do you want to use VulDB in your project?

Use the official API to access entries easily!