Metrics
Affected Vendors & Products
Tue, 02 Sep 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 02 Sep 2025 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Zoneland
Zoneland o2oa |
|
Vendors & Products |
Zoneland
Zoneland o2oa |
Sun, 31 Aug 2025 05:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability was identified in O2OA up to 10.0-410. Affected by this issue is some unknown functionality of the file /x_organization_assemble_control/jaxrs/unit/ of the component Personal Profile Page. Such manipulation of the argument name/shortName/distinguishedName/pinyin/pinyinInitial/levelName leads to cross site scripting. The attack may be launched remotely. The exploit is publicly available and might be used. | |
Title | O2OA Personal Profile unit cross site scripting | |
Weaknesses | CWE-79 CWE-94 |
|
References |
| |
Metrics |
cvssV2_0
|

Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2025-09-02T15:16:28.688Z
Reserved: 2025-08-30T11:05:22.507Z
Link: CVE-2025-9717

Updated: 2025-09-02T14:45:47.556Z

Status : Awaiting Analysis
Published: 2025-08-31T05:15:33.907
Modified: 2025-09-02T16:15:45.313
Link: CVE-2025-9717

No data.

Updated: 2025-09-02T15:23:21Z