Gửi #685626: https://gitee.com/bestfeng/oa_git_free oa_git_free 8.0 XML external entity injectionthông tin

tiêu đềhttps://gitee.com/bestfeng/oa_git_free oa_git_free 8.0 XML external entity injection
Mô tảThe cloud network collaborative office system has XML external entity injection. When inputting XML, there is no prohibition on loading external entities, which can result in loading malicious external files, causing harm such as file reading, command execution, internal port scanning, and attacking internal websites.
Nguồn⚠️ https://github.com/bkglfpp/CVE-md/blob/main/%E4%BA%91%E7%BD%91%E5%8D%8F%E5%90%8C%E5%8A%9E%E5%85%AC%E7%B3%BB%E7%BB%9F/XXE.md
Người dùng
 youran (UID 89737)
Đệ trình30/10/2025 10:00 (cách đây 9 các tháng)
Kiểm duyệt14/11/2025 20:01 (15 days later)
Trạng tháiđược chấp nhận
Mục VulDB332528 [bestfeng oa_git_free đến 9.5 WorkflowPredefineController.java updateWriteBack writeProp XML External Entity]
điểm18

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!