ГлавнаяУязвимости → CVE-2025-10092
7.3высокая

CVE-2025-10092

Описание

A vulnerability was found in Jinher OA up to 1.2. This impacts an unknown function of the file /c6/Jhsoft.Web.projectmanage/TaskManage/AddTask.aspx/?Type=add of the component XML Handler. The manipulation results in xml external entity reference. The attack can be executed remotely. The exploit has been made public and could be used.

Затрагиваемое ПО
Jinher Jinher oa
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://github.com/Cstarplus/CVE/issues/3https://vuldb.com/?ctiid.323047https://vuldb.com/?id.323047https://vuldb.com/?submit.644868