31 matches found
EUVD-2025-26261
Malicious code in bioql PyPI...
EUVD-2025-26217
Malicious code in bioql PyPI...
EUVD-2025-26224
Malicious code in bioql PyPI...
EUVD-2025-26300
Malicious code in bioql PyPI...
CVE-2025-9683
A vulnerability was found in O2OA up to 10.0-410. Affected by this issue is some unknown functionality of the file /xcmsassemblecontrol/jaxrs/form of the component Personal Profile Page. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit has been ma...
CVE-2025-9736
The CVE-2025-9736 entry concerns an XSS vulnerability in O2OA’s Personal Profile Page, specifically in the file path /x_query_assemble_designer/jaxrs/statement. The issue arises from manipulating the description/queryName argument, enabling cross-site scripting via remote exploitation. Public dis...
CVE-2025-9717 O2OA Personal Profile unit cross site scripting
A vulnerability was identified in O2OA up to 10.0-410. Affected by this issue is some unknown functionality of the file /xorganizationassemblecontrol/jaxrs/unit/ of the component Personal Profile Page. Such manipulation of the argument name/shortName/distinguishedName/pinyin/pinyinInitial/levelNa...
CVE-2025-9715
A vulnerability was found in O2OA up to 10.0-410. Affected is an unknown function of the file /xcmsassemblecontrol/jaxrs/script of the component Personal Profile Page. The manipulation of the argument name/alias/description results in cross site scripting. The attack can be launched remotely. The...
O2OA 安全漏洞
O2OA is an enterprise application development platform from O2OA Open Source. A security vulnerability exists in O2OA 10.0-410 and earlier versions, which stems from cross-site scripting due to incorrect manipulation of the parameter name/alias in the file...
PT-2025-35390
Name of the Vulnerable Software and Affected Versions: O2OA versions prior to 10.0-410 Description: A cross site scripting issue exists in O2OA due to manipulation of the name, alias, or description argument within the file /x processplatform assemble designer/jaxrs/form of the Personal Profile...
PT-2025-35391
Name of the Vulnerable Software and Affected Versions: O2OA versions prior to 10.0-410 Description: A vulnerability exists in O2OA that allows for cross site scripting. The issue is related to an unknown functionality within the file /x organization assemble control/jaxrs/unit/ of the Personal...
PT-2025-35416
Name of the Vulnerable Software and Affected Versions: O2OA versions up to 10.0-410 Description: A weakness exists in O2OA that allows for cross site scripting. The issue affects an unknown function within the /x query assemble designer/jaxrs/table file of the Personal Profile Page component...
O2OA 安全漏洞
O2OA is an enterprise application development platform from O2OA open source. A security vulnerability exists in O2OA 10.0-410 and earlier versions, which stems from a cross-site scripting caused by incorrect manipulation of the parameters name/alias/description in the file...
O2OA 安全漏洞
O2OA is an enterprise application development platform from O2OA Open Source. A security vulnerability exists in O2OA 10.0-410 and earlier versions, which stems from cross-site scripting due to incorrect manipulation of the parameter name/alias/description/applicationName in the file...
O2OA 安全漏洞
O2OA is an enterprise application development platform from O2OA Open Source. A security vulnerability exists in O2OA 10.0-410 and earlier versions, which originates from a cross-site scripting due to incorrect manipulation of the parameters description/applicationName/queryName in the file...
CVE-2025-9682
A vulnerability has been found in O2OA up to 10.0-410. Affected by this vulnerability is an unknown functionality of the file /xcmsassemblecontrol/jaxrs/design/appdict of the component Personal Profile Page. The manipulation leads to cross site scripting. The attack may be initiated remotely. The...
CVE-2025-9683
A vulnerability was found in O2OA up to 10.0-410. Affected by this issue is some unknown functionality of the file /xcmsassemblecontrol/jaxrs/form of the component Personal Profile Page. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit has been ma...
CVE-2025-9683 O2OA Personal Profile form cross site scripting
A vulnerability was found in O2OA up to 10.0-410. Affected by this issue is some unknown functionality of the file /xcmsassemblecontrol/jaxrs/form of the component Personal Profile Page. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit has been ma...
CVE-2025-9681
A flaw has been found in O2OA up to 10.0-410. Affected is an unknown function of the file /xprogramcenter/jaxrs/agent of the component Personal Profile Page. Executing manipulation can lead to cross site scripting. The attack can be launched remotely. The exploit has been published and may be use...
CVE-2025-9680
A vulnerability was detected in O2OA up to 10.0-410. This impacts an unknown function of the file /xportalassembledesigner/jaxrs/page of the component Personal Profile Page. Performing manipulation results in cross site scripting. The attack can be initiated remotely. The exploit is now public an...