Lucene search
K

31 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-26261

Malicious code in bioql PyPI...

5.4CVSS4.8AI score0.00371EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-26217

Malicious code in bioql PyPI...

5.4CVSS4.8AI score0.00245EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-26224

Malicious code in bioql PyPI...

5.4CVSS4.8AI score0.00245EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-26300

Malicious code in bioql PyPI...

5.4CVSS4.8AI score0.00302EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/09/01 10:14 a.m.4 views

CVE-2025-9683

A vulnerability was found in O2OA up to 10.0-410. Affected by this issue is some unknown functionality of the file /xcmsassemblecontrol/jaxrs/form of the component Personal Profile Page. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit has been ma...

5.4CVSS3.8AI score0.00295EPSS
Exploits1References1
CVE
CVE
added 2025/08/31 4:2 p.m.16 views

CVE-2025-9736

The CVE-2025-9736 entry concerns an XSS vulnerability in O2OA’s Personal Profile Page, specifically in the file path /x_query_assemble_designer/jaxrs/statement. The issue arises from manipulating the description/queryName argument, enabling cross-site scripting via remote exploitation. Public dis...

5.4CVSS5.4AI score0.00302EPSS
Exploits1References6Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/31 5:2 a.m.3 views

CVE-2025-9717 O2OA Personal Profile unit cross site scripting

A vulnerability was identified in O2OA up to 10.0-410. Affected by this issue is some unknown functionality of the file /xorganizationassemblecontrol/jaxrs/unit/ of the component Personal Profile Page. Such manipulation of the argument name/shortName/distinguishedName/pinyin/pinyinInitial/levelNa...

5.1CVSS5.4AI score0.00238EPSS
Exploits1References5
NVD
NVD
added 2025/08/31 1:15 a.m.5 views

CVE-2025-9715

A vulnerability was found in O2OA up to 10.0-410. Affected is an unknown function of the file /xcmsassemblecontrol/jaxrs/script of the component Personal Profile Page. The manipulation of the argument name/alias/description results in cross site scripting. The attack can be launched remotely. The...

5.4CVSS0.00295EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/08/31 12:0 a.m.4 views

O2OA 安全漏洞

O2OA is an enterprise application development platform from O2OA Open Source. A security vulnerability exists in O2OA 10.0-410 and earlier versions, which stems from cross-site scripting due to incorrect manipulation of the parameter name/alias in the file...

5.4CVSS4.3AI score0.00301EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/08/31 12:0 a.m.5 views

PT-2025-35390

Name of the Vulnerable Software and Affected Versions: O2OA versions prior to 10.0-410 Description: A cross site scripting issue exists in O2OA due to manipulation of the name, alias, or description argument within the file /x processplatform assemble designer/jaxrs/form of the Personal Profile...

5.1CVSS3.9AI score0.00279EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2025/08/31 12:0 a.m.5 views

PT-2025-35391

Name of the Vulnerable Software and Affected Versions: O2OA versions prior to 10.0-410 Description: A vulnerability exists in O2OA that allows for cross site scripting. The issue is related to an unknown functionality within the file /x organization assemble control/jaxrs/unit/ of the Personal...

5.1CVSS3.6AI score0.00238EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/08/31 12:0 a.m.7 views

PT-2025-35416

Name of the Vulnerable Software and Affected Versions: O2OA versions up to 10.0-410 Description: A weakness exists in O2OA that allows for cross site scripting. The issue affects an unknown function within the /x query assemble designer/jaxrs/table file of the Personal Profile Page component...

5.1CVSS3.2AI score0.00244EPSS
Exploits1References9
CNNVD
CNNVD
added 2025/08/31 12:0 a.m.5 views

O2OA 安全漏洞

O2OA is an enterprise application development platform from O2OA open source. A security vulnerability exists in O2OA 10.0-410 and earlier versions, which stems from a cross-site scripting caused by incorrect manipulation of the parameters name/alias/description in the file...

5.4CVSS4.3AI score0.00279EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/08/31 12:0 a.m.3 views

O2OA 安全漏洞

O2OA is an enterprise application development platform from O2OA Open Source. A security vulnerability exists in O2OA 10.0-410 and earlier versions, which stems from cross-site scripting due to incorrect manipulation of the parameter name/alias/description/applicationName in the file...

5.4CVSS4.3AI score0.00302EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/08/31 12:0 a.m.3 views

O2OA 安全漏洞

O2OA is an enterprise application development platform from O2OA Open Source. A security vulnerability exists in O2OA 10.0-410 and earlier versions, which originates from a cross-site scripting due to incorrect manipulation of the parameters description/applicationName/queryName in the file...

5.4CVSS4.3AI score0.00244EPSS
Exploits1References6
OSV
OSV
added 2025/08/30 10:15 a.m.5 views

CVE-2025-9682

A vulnerability has been found in O2OA up to 10.0-410. Affected by this vulnerability is an unknown functionality of the file /xcmsassemblecontrol/jaxrs/design/appdict of the component Personal Profile Page. The manipulation leads to cross site scripting. The attack may be initiated remotely. The...

5.4CVSS3.8AI score0.00295EPSS
Exploits1References6
NVD
NVD
added 2025/08/30 10:15 a.m.3 views

CVE-2025-9683

A vulnerability was found in O2OA up to 10.0-410. Affected by this issue is some unknown functionality of the file /xcmsassemblecontrol/jaxrs/form of the component Personal Profile Page. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit has been ma...

5.4CVSS0.00295EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/08/30 10:2 a.m.11 views

CVE-2025-9683 O2OA Personal Profile form cross site scripting

A vulnerability was found in O2OA up to 10.0-410. Affected by this issue is some unknown functionality of the file /xcmsassemblecontrol/jaxrs/form of the component Personal Profile Page. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit has been ma...

5.1CVSS0.00295EPSS
Exploits1References6
NVD
NVD
added 2025/08/30 9:15 a.m.5 views

CVE-2025-9681

A flaw has been found in O2OA up to 10.0-410. Affected is an unknown function of the file /xprogramcenter/jaxrs/agent of the component Personal Profile Page. Executing manipulation can lead to cross site scripting. The attack can be launched remotely. The exploit has been published and may be use...

5.4CVSS0.00298EPSS
Exploits1References7
NVD
NVD
added 2025/08/30 7:15 a.m.3 views

CVE-2025-9680

A vulnerability was detected in O2OA up to 10.0-410. This impacts an unknown function of the file /xportalassembledesigner/jaxrs/page of the component Personal Profile Page. Performing manipulation results in cross site scripting. The attack can be initiated remotely. The exploit is now public an...

5.4CVSS0.00371EPSS
Exploits1References6
Rows per page
Query Builder