ГлавнаяУязвимости → CVE-2025-7523
7.3высокая

CVE-2025-7523

Описание

A vulnerability was found in Jinher OA 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /c6/Jhsoft.Web.message/ToolBar/DelTemp.aspx. The manipulation leads to xml external entity reference. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Затрагиваемое ПО
Jinher Jinher oa
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://github.com/BigMancer/Jinhe-OA-XXE-Vulnerabilityhttps://github.com/BigMancer/Jinhe-OA-XXE-Vulnerability?tab=readme-ov-file#proof-of-concepthttps://vuldb.com/?ctiid.316220https://vuldb.com/?id.316220https://vuldb.com/?submit.611183https://github.com/BigMancer/Jinhe-OA-XXE-Vulnerability