Lucene search
K

4 matches found

Cvelist
Cvelist
added 2025/08/30 10:2 a.m.11 views

CVE-2025-9683 O2OA Personal Profile form cross site scripting

A vulnerability was found in O2OA up to 10.0-410. Affected by this issue is some unknown functionality of the file /xcmsassemblecontrol/jaxrs/form of the component Personal Profile Page. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit has been ma...

5.1CVSS0.00295EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/08/30 9:32 a.m.2 views

CVE-2025-9682 O2OA Personal Profile appdict cross site scripting

A vulnerability has been found in O2OA up to 10.0-410. Affected by this vulnerability is an unknown functionality of the file /xcmsassemblecontrol/jaxrs/design/appdict of the component Personal Profile Page. The manipulation leads to cross site scripting. The attack may be initiated remotely. The...

5.1CVSS5.4AI score0.00295EPSS
Exploits1References6
CVE
CVE
added 2025/08/30 9:32 a.m.15 views

CVE-2025-9682

CVE-2025-9682 affects O2OA up to version 10.0-410. The vulnerability is a cross-site scripting issue in the Personal Profile Page, caused by manipulation of an unknown functionality in the file /x_cms_assemble_control/jaxrs/design/appdict. It can be exploited remotely, and the exploit has been di...

5.4CVSS3.7AI score0.00295EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2025/08/29 4:2 p.m.13 views

CVE-2025-9658 O2OA Personal Profile dict cross site scripting

A flaw has been found in O2OA up to 10.0-410. Impacted is an unknown function of the file /xportalassembledesigner/jaxrs/dict/ of the component Personal Profile Page. This manipulation of the argument name/alias/description causes cross site scripting. Remote exploitation of the attack is possibl...

5.1CVSS0.00245EPSS
Exploits1References6
Rows per page
Query Builder