CVE-2025-10816
CVE-2025-10816 affects Jinher OA 2.0. The issue is in the XML Handler’s GetWordFileName.aspx functionality (path: /c6/Jhsoft.Web.module/ToolBar/GetWordFileName.aspx/?text=GetUrl&style=add) where input manipulation can trigger an XML External Entity (XXE) attack. The vulnerability is exploitable r...