Xinhu Security Vulnerabilities and Issues — Xinhu CVE List

Lucene search

RockoaXinhu

4 matches found

CVE•added 2024/06/17 2:15 p.m.•49 views

CVE-2024-37624

Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the /chajian/inputChajian.php. component.

6.1CVSS6.2AI score0.00103EPSS

CVE•added 2024/06/17 2:15 p.m.•40 views

CVE-2024-37623

Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the /kaoqin/tpl_kaoqin_locationchange.html component.

6.1CVSS6.2AI score0.00597EPSS

CVE•added 2025/03/18 9:15 p.m.•38 views

CVE-2024-57151

SQL Injection vulnerability in rainrocka xinhu v.2.6.5 and before allows a remote attacker to execute arbitrary code via the inputAction.php file and the saveAjax function

6.8CVSS8.4AI score0.00204EPSS

CVE•added 2024/06/17 2:15 p.m.•34 views

CVE-2024-37622

Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the num parameter at /flow/flow.php.

6.1CVSS6.2AI score0.00628EPSS