Invia #685626: https://gitee.com/bestfeng/oa_git_free oa_git_free 8.0 XML external entity injectioninformazioni

Titolohttps://gitee.com/bestfeng/oa_git_free oa_git_free 8.0 XML external entity injection
DescrizioneThe cloud network collaborative office system has XML external entity injection. When inputting XML, there is no prohibition on loading external entities, which can result in loading malicious external files, causing harm such as file reading, command execution, internal port scanning, and attacking internal websites.
Fonte⚠️ https://github.com/bkglfpp/CVE-md/blob/main/%E4%BA%91%E7%BD%91%E5%8D%8F%E5%90%8C%E5%8A%9E%E5%85%AC%E7%B3%BB%E7%BB%9F/XXE.md
Utente
 youran (UID 89737)
Sottomissione30/10/2025 10:00 (9 mesi fa)
Moderazione14/11/2025 20:01 (15 days later)
StatoAccettato
Voce VulDB332528 [bestfeng oa_git_free fino a 9.5 WorkflowPredefineController.java updateWriteBack writeProp XML External Entity]
Punti18

Do you need the next level of professionalism?

Upgrade your account now!