제출 #644864: Jinher OA V1.2 XML External Entity Reference정보

제목Jinher OA V1.2 XML External Entity Reference
설명During security testing of Jinher OA system, a critical XXE injection vulnerability was discovered in the ProjectScheduleDelete.aspx endpoint. This vulnerability allows unauthenticated attackers to send specially crafted XML documents containing external entity references. The server processes these entities, enabling data exfiltration through out-of-band techniques.
원천⚠️ https://github.com/Cstarplus/CVE/issues/2
사용자
 abc_123456 (UID 89341)
제출2025. 08. 31. AM 09:57 (9 개월 ago)
모더레이션2025. 09. 08. AM 06:58 (8 days later)
상태수락
VulDB 항목323046 [Jinher OA 까지 1.2 XML ?Type=add XML External Entity]
포인트들18

이전개요다음

Do you want to use VulDB in your project?

Use the official API to access entries easily!