7.3 High
AI Score
Confidence
High
0.01 Low
EPSS
Percentile
83.3%
rainrocka xinhu 2.1.9 allows remote attackers to obtain sensitive information via an index.php?a=gettotal request in which the ajaxbool value is manipulated to be true.
github.com/xuechengen/xinhu-oa/blob/main/README.md