CVE-2025-9658 in O2OA정보

요약

\~에 의해 MITRE • 2025. 08. 29.

A flaw has been found in O2OA up to 10.0-410. Impacted is an unknown function of the file /x_portal_assemble_designer/jaxrs/dict/ of the component Personal Profile Page. This manipulation of the argument name/alias/description causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor replied in the GitHub issue (translated from simplified Chinese): "This issue will be fixed in the new version."

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

VulDB

공개

2025. 08. 29.

모더레이션

수락

항목

VDB-321866

CPE

준비됨

CWE

CWE-79 (확인됨)

익스플로잇

다운로드

CVSS

5.4 (NVD)

EPSS

0.00078

KEV

아니요

활동

매우 낮음

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-9658
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-9658
CVE Details	https://www.cvedetails.com/cve/CVE-2025-9658/

◂ 이전 개요 다음 ▸

Want to know what is going to be exploited?

We predict KEV entries!