O2OA kuze kube 10.0-410 Personal Profile Page table description/applicationName/queryName Ukubhalwa kwekhodi okweqa indawo
| CVSS Meta Temp Isilinganiso | Intengo yamanje ye-exploit (≈) | CTI Inzalo Score |
|---|---|---|
| 4.1 | $0-$5k | 0.10 |
Isifinyezo
Kukhona ubuthakathaka obubizwa ngokuthi kuyinkinga obutholakele ku O2OA kuze kube 10.0-410. Kuthinteka umsebenzi ongaziwayo kufayela /x_query_assemble_designer/jaxrs/table kwe-component Personal Profile Page. Ukusebenzisa kwepharamitha description/applicationName/queryName kuholela ku Ukubhalwa kwekhodi okweqa indawo. Lokhu buthakathaka kuthengiswa njenge CVE-2025-9735. Kuyenzeka ukuqala ukuhlasela kude. Ngaphezu kwalokho, kukhona i-exploit etholakalayo. If you want to get best quality of vulnerability data, you may have to visit VulDB.
Iinkcukacha
Kukhona ubuthakathaka obubizwa ngokuthi kuyinkinga obutholakele ku O2OA kuze kube 10.0-410. Kuthinteka umsebenzi ongaziwayo kufayela /x_query_assemble_designer/jaxrs/table kwe-component Personal Profile Page. Ukusebenzisa kwepharamitha description/applicationName/queryName kuholela ku Ukubhalwa kwekhodi okweqa indawo. Ukusebenzisa i-CWE ukukhomba inkinga kuholela ku-CWE-79. Ubuthakathaka babikwa njenge 187. Isaziso sabelwe ukuthi singalayishwa ku-github.com.
Lokhu buthakathaka kuthengiswa njenge CVE-2025-9735. Kuyenzeka ukuqala ukuhlasela kude. Imininingwane yezobuchwepheshe iyatholakala. Udumo lwalobu buthakathi luphansi kunokujwayelekile. Ngaphezu kwalokho, kukhona i-exploit etholakalayo. Ukuhlaselwa sekudalulwe emphakathini futhi kungasetshenziswa. Njengamanje, intengo yamanje ye-exploit ingahle ibe cishe USD $0-$5k okwamanje.
Kuyenzeka ukulanda i-exploit ku-github.com.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Umkhiqizo
Ibizo
Inguqulo
Iwebhusayithi
- Umkhiqizo: https://github.com/o2oa/o2oa/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Umkhombandlela: 🔒VulDB Ukuthembeka: 🔍
CNA CVSS-B Score: 🔒
CNA CVSS-BT Score: 🔒
CNA Umkhombandlela: 🔒
CVSSv3
VulDB Ireyithingi yeMeta Base: 4.1VulDB Meta Temp Isilinganiso: 4.1
VulDB Isilinganiso Esiyisisekelo: 3.5
VulDB Izinga Lesikhashana: 3.3
VulDB Umkhombandlela: 🔒
VulDB Ukuthembeka: 🔍
NVD Isilinganiso Esiyisisekelo: 5.4
NVD Umkhombandlela: 🔒
CNA Isilinganiso Esiyisisekelo: 3.5
CNA Umkhombandlela: 🔒
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Umkhombandlela | Ubunzima | Ukufakazela ubuwena | Ukuyimfihlo | Ukuthembeka | Ukutholakala |
|---|---|---|---|---|---|
| vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
| vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
| vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
VulDB Isilinganiso Esiyisisekelo: 🔒
VulDB Izinga Lesikhashana: 🔒
VulDB Ukuthembeka: 🔍
Ukusebenzisa ithuba lokungavikeleki
Ikilasi: Ukubhalwa kwekhodi okweqa indawoCWE: CWE-79 / CWE-94 / CWE-74
CAPEC: 🔒
ATT&CK: 🔒
Okubambekayo: Hayi
Wendawo: Hayi
Kude: Yebo
Ukutholakala: 🔒
Umnyango: Umphakathi
Isimo: Ubufakazi-bokusebenza
Landa: 🔒
EPSS Score: 🔒
EPSS Percentile: 🔒
Ukukhula kwentengo: 🔍
Okwamanje ukuhlolwa kwentengo: 🔒
| 0-Day | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
|---|---|---|---|---|
| Namuhla | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
Ulwazi lwezingozi
Intshisekelo: 🔍Abadlali abasebenzayo: 🔍
AmaQembu e-APT asebenzayo: 🔍
Izinyathelo zokuvikela
Isincomo: akukho sithathwa esaziwayoIsimo: 🔍
0-Suku Isikhathi: 🔒
Isikhathi somlando
2025-08-30 Isaziso sikhishwe2025-08-30 VulDB okokungena kwenziwe
2025-09-05 VulDB okungenelelwe ukubuyekezwa kokugcina
Imithombo
Umkhiqizo: github.comIseluleko: 187
Isimo: Kuqinisekisiwe
CVE: CVE-2025-9735 (🔒)
GCVE (CVE): GCVE-0-2025-9735
GCVE (VulDB): GCVE-100-322034
EUVD: 🔒
scip Labs: https://www.scip.ch/en/?labs.20161013
Ukungena
Kudalwa: 2025-08-30 18:46Ukuvuselelwa: 2025-09-05 22:59
Ukulungiswa: 2025-08-30 18:46 (57), 2025-08-31 18:33 (30), 2025-08-31 21:54 (1), 2025-09-05 22:59 (11)
Kugcwele: 🔍
Umthumeli: colorfullbz
Cache ID: 253:3A3:103
Thumela
Yamukelwa
- Thumela #637249: o2oa ≤ 10.0-410-g3d5e0d2 XSS (kusuka ku colorfullbz)
Kuze kube manje akukabikho ukuphawula. Izilimi: nr + nd + en.
Ngiyacela ungene ngemvume ukuze ukwazi ukuphawula.