2 matches found
CVE-2026-2074
CVE-2026-2074 affects O2OA versions up to 9.0.0, impacting the HTTP POST Request Handler at the path /x_program_center/jaxrs/mpweixin/check. The issue is an XML External Entity (XXE) reference due to a manipulated input, enabling remote initiation of the attack. Public exploit is available and ha...
CVE-2026-2074 O2OA HTTP POST Request check xml external entity reference
A vulnerability was identified in O2OA up to 9.0.0. This impacts an unknown function of the file /xprogramcenter/jaxrs/mpweixin/check of the component HTTP POST Request Handler. The manipulation leads to xml external entity reference. It is possible to initiate the attack remotely. The exploit is...