O2OA kuze kube 10.0-410 Personal Profile Page script name/alias/description Ukubhalwa kwekhodi okweqa indawo
| CVSS Meta Temp Isilinganiso | Intengo yamanje ye-exploit (≈) | CTI Inzalo Score |
|---|---|---|
| 4.1 | $0-$5k | 0.12 |
Isifinyezo
Kubonakale ubuthakathaka obubizwa ngokuthi kuyinkinga ku O2OA kuze kube 10.0-410. Kuthintekile umsebenzi $software_function kufayela /x_cms_assemble_control/jaxrs/script kwe-component Personal Profile Page. Ukuphathwa kwepharamitha name/alias/description kuholela ku Ukubhalwa kwekhodi okweqa indawo.
Le buthakathaka itholakala njenge CVE-2025-9715. Ukuhlasela kungaqalwa kude. Ngaphezu kwalokho, i-exploit ikhona.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Iinkcukacha
Kubonakale ubuthakathaka obubizwa ngokuthi kuyinkinga ku O2OA kuze kube 10.0-410. Kuthintekile umsebenzi $software_function kufayela /x_cms_assemble_control/jaxrs/script kwe-component Personal Profile Page. Ukuphathwa kwepharamitha name/alias/description kuholela ku Ukubhalwa kwekhodi okweqa indawo. Ukusebenzisa i-CWE ukusho inkinga kuholela ku-CWE-79. Kuboniswe ubuthakathaka lolu njenge 181. Isaziso singalayishwa ku-github.com.
Le buthakathaka itholakala njenge CVE-2025-9715. Ukuhlasela kungaqalwa kude. Kukhona imininingwane yezobuchwepheshe etholakalayo. Le vulnerability ayidumi kakhulu, idlula phansi kokujwayelekile. Ngaphezu kwalokho, i-exploit ikhona. Ukuhlaselwa sekudalulwe ebantwini futhi kungasetshenziswa. Okwamanje, intengo yamanje ye-exploit ingaba cishe USD $0-$5k ngalesi sikhathi.
Ungakwazi ukulanda i-exploit ku-github.com.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Umkhiqizo
Ibizo
Inguqulo
Iwebhusayithi
- Umkhiqizo: https://github.com/o2oa/o2oa/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Umkhombandlela: 🔒VulDB Ukuthembeka: 🔍
CNA CVSS-B Score: 🔒
CNA CVSS-BT Score: 🔒
CNA Umkhombandlela: 🔒
CVSSv3
VulDB Ireyithingi yeMeta Base: 4.1VulDB Meta Temp Isilinganiso: 4.1
VulDB Isilinganiso Esiyisisekelo: 3.5
VulDB Izinga Lesikhashana: 3.3
VulDB Umkhombandlela: 🔒
VulDB Ukuthembeka: 🔍
NVD Isilinganiso Esiyisisekelo: 5.4
NVD Umkhombandlela: 🔒
CNA Isilinganiso Esiyisisekelo: 3.5
CNA Umkhombandlela: 🔒
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Umkhombandlela | Ubunzima | Ukufakazela ubuwena | Ukuyimfihlo | Ukuthembeka | Ukutholakala |
|---|---|---|---|---|---|
| vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
| vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
| vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
VulDB Isilinganiso Esiyisisekelo: 🔒
VulDB Izinga Lesikhashana: 🔒
VulDB Ukuthembeka: 🔍
Ukusebenzisa ithuba lokungavikeleki
Ikilasi: Ukubhalwa kwekhodi okweqa indawoCWE: CWE-79 / CWE-94 / CWE-74
CAPEC: 🔒
ATT&CK: 🔒
Okubambekayo: Hayi
Wendawo: Hayi
Kude: Yebo
Ukutholakala: 🔒
Umnyango: Umphakathi
Isimo: Ubufakazi-bokusebenza
Landa: 🔒
EPSS Score: 🔒
EPSS Percentile: 🔒
Ukukhula kwentengo: 🔍
Okwamanje ukuhlolwa kwentengo: 🔒
| 0-Day | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
|---|---|---|---|---|
| Namuhla | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
Ulwazi lwezingozi
Intshisekelo: 🔍Abadlali abasebenzayo: 🔍
AmaQembu e-APT asebenzayo: 🔍
Izinyathelo zokuvikela
Isincomo: akukho sithathwa esaziwayoIsimo: 🔍
0-Suku Isikhathi: 🔒
Isikhathi somlando
2025-08-30 Isaziso sikhishwe2025-08-30 VulDB okokungena kwenziwe
2025-09-10 VulDB okungenelelwe ukubuyekezwa kokugcina
Imithombo
Umkhiqizo: github.comIseluleko: 181
Isimo: Kuqinisekisiwe
Isiqinisekiso: 🔒
CVE: CVE-2025-9715 (🔒)
GCVE (CVE): GCVE-0-2025-9715
GCVE (VulDB): GCVE-100-322003
scip Labs: https://www.scip.ch/en/?labs.20161013
Ukungena
Kudalwa: 2025-08-30 13:10Ukuvuselelwa: 2025-09-10 21:46
Ukulungiswa: 2025-08-30 13:10 (58), 2025-08-31 03:21 (30), 2025-09-10 21:46 (11)
Kugcwele: 🔍
Umthumeli: colorfullbz
Cache ID: 253:345:103
Thumela
Yamukelwa
- Thumela #637243: o2oa ≤ 10.0-410-g3d5e0d2 XSS (kusuka ku colorfullbz)
Kuze kube manje akukabikho ukuphawula. Izilimi: nr + nd + en.
Ngiyacela ungene ngemvume ukuze ukwazi ukuphawula.