제출 #685626: https://gitee.com/bestfeng/oa_git_free oa_git_free 8.0 XML external entity injection정보

제목https://gitee.com/bestfeng/oa_git_free oa_git_free 8.0 XML external entity injection
설명The cloud network collaborative office system has XML external entity injection. When inputting XML, there is no prohibition on loading external entities, which can result in loading malicious external files, causing harm such as file reading, command execution, internal port scanning, and attacking internal websites.
원천⚠️ https://github.com/bkglfpp/CVE-md/blob/main/%E4%BA%91%E7%BD%91%E5%8D%8F%E5%90%8C%E5%8A%9E%E5%85%AC%E7%B3%BB%E7%BB%9F/XXE.md
사용자
 youran (UID 89737)
제출2025. 10. 30. AM 10:00 (9 개월 ago)
모더레이션2025. 11. 14. PM 08:01 (15 days later)
상태수락
VulDB 항목332528 [bestfeng oa_git_free 까지 9.5 WorkflowPredefineController.java updateWriteBack writeProp XML External Entity]
포인트들18

Do you want to use VulDB in your project?

Use the official API to access entries easily!