제출 #664613: Jinher OA v2.0 XML External Entity Reference정보

제목Jinher OA v2.0 XML External Entity Reference
설명During security testing of Jinhe OA system, a critical XXE injection vulnerability was discovered in the ProjectScheduleDelete.aspx endpoint. This vulnerability allows unauthenticated attackers to send specially crafted XML documents containing external entity references. The server processes these entities, enabling data exfiltration through out-of-band techniques.
원천⚠️ https://github.com/rookie1006/CVE/issues/2
사용자
 rookie1129 (UID 91072)
제출2025. 09. 28. PM 02:55 (8 개월 ago)
모더레이션2025. 10. 06. AM 07:37 (8 days later)
상태수락
VulDB 항목327226 [Jinher OA 까지 2.0 ?type=SystemUserInfo&style=1 XML External Entity]
포인트들18

이전개요다음

Do you want to use VulDB in your project?

Use the official API to access entries easily!