5 matches found
CVE-2025-9646
A security flaw has been discovered in O2OA up to 10.0-410. This vulnerability affects unknown code of the file /xorganizationassemblepersonal/jaxrs/definition/calendarConfig. The manipulation of the argument toMonthViewName results in cross site scripting. The attack can be launched remotely. Th...
CVE-2025-9646
A security flaw has been discovered in O2OA up to 10.0-410. This vulnerability affects unknown code of the file /xorganizationassemblepersonal/jaxrs/definition/calendarConfig. The manipulation of the argument toMonthViewName results in cross site scripting. The attack can be launched remotely. Th...
CVE-2025-9646 O2OA calendarConfig cross site scripting
A security flaw has been discovered in O2OA up to 10.0-410. This vulnerability affects unknown code of the file /xorganizationassemblepersonal/jaxrs/definition/calendarConfig. The manipulation of the argument toMonthViewName results in cross site scripting. The attack can be launched remotely. Th...
O2OA 安全漏洞
O2OA is an enterprise application development platform from O2OA Open Source. A security vulnerability exists in O2OA 10.0-410 and earlier versions, which originates from cross-site scripting due to incorrect operation of the parameter toMonthViewName in the file...
PT-2025-35215
Name of the Vulnerable Software and Affected Versions: O2OA versions up to 10.0-410 Description: A security flaw exists in O2OA that allows for cross site scripting. The vulnerability affects unknown code within the /x organization assemble personal/jaxrs/definition/calendarConfig file...