Metrics
Affected Vendors & Products
Tue, 02 Sep 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 02 Sep 2025 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Zoneland
Zoneland o2oa |
|
Vendors & Products |
Zoneland
Zoneland o2oa |
Sun, 31 Aug 2025 06:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A weakness has been identified in O2OA up to 10.0-410. This vulnerability affects unknown code of the file /x_processplatform_assemble_designer/jaxrs/script of the component Personal Profile Page. Executing manipulation of the argument name/alias/description/applicationName can lead to cross site scripting. The attack can be executed remotely. The exploit has been made available to the public and could be exploited. | |
Title | O2OA Personal Profile script cross site scripting | |
Weaknesses | CWE-79 CWE-94 |
|
References |
| |
Metrics |
cvssV2_0
|

Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2025-09-02T15:16:17.325Z
Reserved: 2025-08-30T11:05:27.866Z
Link: CVE-2025-9719

Updated: 2025-09-02T14:45:31.795Z

Status : Awaiting Analysis
Published: 2025-08-31T06:15:32.520
Modified: 2025-09-02T16:15:45.890
Link: CVE-2025-9719

No data.

Updated: 2025-09-02T15:23:23Z