| Название | Jinher OA V2.0 XML External Entity Reference |
|---|
| Описание | An XXE injection vulnerability was found in the " /c6/Jhsoft.Web.module/ToolBar/ManageWord.aspx/?text=GetUrl&style=1 " endpoint of Jinhe OA system. The application processes XML input without proper validation or disabling of external entity references. This allows attackers to include malicious external entities in XML documents processed by the server. |
|---|
| Источник | ⚠️ https://github.com/frwfxc123/CVE/issues/1 |
|---|
| Пользователь | ffff1123 (UID 90453) |
|---|
| Представление | 18.09.2025 17:21 (10 месяцы назад) |
|---|
| Модерация | 26.09.2025 10:50 (8 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 325982 [Jinher OA 2.0 ?text=GetUrl&style=1 XML External Entity] |
|---|
| Баллы | 18 |
|---|