제출 #654466: Jinher OA V2.0 XML External Entity Reference정보

제목Jinher OA V2.0 XML External Entity Reference
설명During security testing of Jinhe OA system, a critical XXE injection vulnerability was discovered in the GetWordFileName.aspx endpoint. This vulnerability allows unauthenticated attackers to send specially crafted XML documents containing external entity references. The server processes these entities, enabling data exfiltration through out-of-band techniques.
원천⚠️ https://github.com/1296299554/CVE/issues/1
사용자
 lanyuejian (UID 90154)
제출2025. 09. 15. PM 01:51 (9 개월 ago)
모더레이션2025. 09. 21. PM 12:49 (6 days later)
상태수락
VulDB 항목325174 [Jinher OA 2.0 XML ?text=GetUrl&style=add XML External Entity]
포인트들18

이전개요다음

Do you need the next level of professionalism?

Upgrade your account now!