2 matches found
CVE-2025-9646
CVE-2025-9646 affects O2OA up to version 10.0-410. The vulnerability is a cross-site scripting flaw in the file /x_organization_assemble_personal/jaxrs/definition/calendarConfig, caused by manipulation of the toMonthViewName parameter. It is exploitable remotely and, per sources, the exploit has ...
O2OA 安全漏洞
O2OA is an enterprise application development platform from O2OA Open Source. A security vulnerability exists in O2OA 10.0-410 and earlier versions, which originates from cross-site scripting due to incorrect operation of the parameter toMonthViewName in the file...