O2OA kuze kube 10.0-410 Personal Profile Page script name/alias/description/applicationName Ukubhalwa kwekhodi okweqa indawo
| CVSS Meta Temp Isilinganiso | Intengo yamanje ye-exploit (≈) | CTI Inzalo Score |
|---|---|---|
| 4.0 | $0-$5k | 0.00 |
Isifinyezo
Kukhona ubuthakathaka obubizwa ngokuthi kuyinkinga obutholakele ku O2OA kuze kube 10.0-410. Kuthintekile umsebenzi $software_function kufayela /x_processplatform_assemble_designer/jaxrs/script kwe-component Personal Profile Page. Ukusebenzisa kwepharamitha name/alias/description/applicationName kuholela ku Ukubhalwa kwekhodi okweqa indawo.
Lokhu buthakathaka kuthengiswa njenge CVE-2025-9719. Kuyenzeka ukuqala ukuhlasela kude. Ngaphezu kwalokho, kukhona i-exploit etholakalayo.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Iinkcukacha
Kukhona ubuthakathaka obubizwa ngokuthi kuyinkinga obutholakele ku O2OA kuze kube 10.0-410. Kuthintekile umsebenzi $software_function kufayela /x_processplatform_assemble_designer/jaxrs/script kwe-component Personal Profile Page. Ukusebenzisa kwepharamitha name/alias/description/applicationName kuholela ku Ukubhalwa kwekhodi okweqa indawo. Ukusebenzisa i-CWE ukukhomba inkinga kuholela ku-CWE-79. Ubuthakathaka babikwa njenge 185. Isaziso sabelwe ukuthi singalayishwa ku-github.com.
Lokhu buthakathaka kuthengiswa njenge CVE-2025-9719. Kuyenzeka ukuqala ukuhlasela kude. Kukhona imininingwane yezobuchwepheshe etholakalayo. Udumo lwalobu buthakathi luphansi kunokujwayelekile. Ngaphezu kwalokho, kukhona i-exploit etholakalayo. Ukuhlaselwa sekudalulwe emphakathini futhi kungasetshenziswa. Okwamanje, intengo yamanje ye-exploit ingaba cishe USD $0-$5k ngalesi sikhathi.
Kuyenzeka ukulanda i-exploit ku-github.com.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Umkhiqizo
Ibizo
Inguqulo
Iwebhusayithi
- Umkhiqizo: https://github.com/o2oa/o2oa/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Umkhombandlela: 🔒VulDB Ukuthembeka: 🔍
CNA CVSS-B Score: 🔒
CNA CVSS-BT Score: 🔒
CNA Umkhombandlela: 🔒
CVSSv3
VulDB Ireyithingi yeMeta Base: 4.1VulDB Meta Temp Isilinganiso: 4.0
VulDB Isilinganiso Esiyisisekelo: 3.5
VulDB Izinga Lesikhashana: 3.2
VulDB Umkhombandlela: 🔒
VulDB Ukuthembeka: 🔍
NVD Isilinganiso Esiyisisekelo: 5.4
NVD Umkhombandlela: 🔒
CNA Isilinganiso Esiyisisekelo: 3.5
CNA Umkhombandlela: 🔒
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Umkhombandlela | Ubunzima | Ukufakazela ubuwena | Ukuyimfihlo | Ukuthembeka | Ukutholakala |
|---|---|---|---|---|---|
| vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
| vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
| vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
VulDB Isilinganiso Esiyisisekelo: 🔒
VulDB Izinga Lesikhashana: 🔒
VulDB Ukuthembeka: 🔍
Ukusebenzisa ithuba lokungavikeleki
Ikilasi: Ukubhalwa kwekhodi okweqa indawoCWE: CWE-79 / CWE-94 / CWE-74
CAPEC: 🔒
ATT&CK: 🔒
Okubambekayo: Hayi
Wendawo: Hayi
Kude: Yebo
Ukutholakala: 🔒
Umnyango: Umphakathi
Isimo: Ubufakazi-bokusebenza
Landa: 🔒
EPSS Score: 🔒
EPSS Percentile: 🔒
Ukukhula kwentengo: 🔍
Okwamanje ukuhlolwa kwentengo: 🔒
| 0-Day | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
|---|---|---|---|---|
| Namuhla | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
Ulwazi lwezingozi
Intshisekelo: 🔍Abadlali abasebenzayo: 🔍
AmaQembu e-APT asebenzayo: 🔍
Izinyathelo zokuvikela
Isincomo: akukho sithathwa esaziwayoIsimo: 🔍
0-Suku Isikhathi: 🔒
Isikhathi somlando
2025-08-30 Isaziso sikhishwe2025-08-30 VulDB okokungena kwenziwe
2025-09-10 VulDB okungenelelwe ukubuyekezwa kokugcina
Imithombo
Umkhiqizo: github.comIseluleko: 185
Isimo: Akuchazwanga
CVE: CVE-2025-9719 (🔒)
GCVE (CVE): GCVE-0-2025-9719
GCVE (VulDB): GCVE-100-322007
scip Labs: https://www.scip.ch/en/?labs.20161013
Ukungena
Kudalwa: 2025-08-30 13:10Ukuvuselelwa: 2025-09-10 01:50
Ukulungiswa: 2025-08-30 13:10 (56), 2025-08-31 10:46 (30), 2025-09-10 01:50 (11)
Kugcwele: 🔍
Umthumeli: colorfullbz
Cache ID: 253:0E9:103
Thumela
Yamukelwa
- Thumela #637247: o2oa ≤ 10.0-410-g3d5e0d2 XSS (kusuka ku colorfullbz)
Kuze kube manje akukabikho ukuphawula. Izilimi: nr + nd + en.
Ngiyacela ungene ngemvume ukuze ukwazi ukuphawula.