2 matches found
CVE-2025-11035
A vulnerability was determined in Jinher OA 2.0. The impacted element is an unknown function of the file /c6/Jhsoft.Web.module/ToolBar/ManageWord.aspx/?text=GetUrl=1. This manipulation causes xml external entity reference. The attack can be initiated remotely. The exploit has been publicly...
CVE-2025-10816
A security flaw has been discovered in Jinher OA 2.0. This affects an unknown part of the file /c6/Jhsoft.Web.module/ToolBar/GetWordFileName.aspx/?text=GetUrl=add of the component XML Handler. Performing manipulation results in xml external entity reference. The attack may be initiated remotely...