CVE-2025-11035

Medium CVSS: 5.3

A vulnerability was determined in Jinher OA 2.0. The impacted element is an unknown function of the file /c6/Jhsoft.Web.module/ToolBar/ManageWord.aspx/?text=GetUrl&style=1. This manipulation causes xml external entity reference. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.

Vendor

Jinher

Product

Jinher Oa

CWE

CWE-610

Yayın Tarihi

2025-09-26 19:15:34

Güncelleme

2025-10-08 20:13:35

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-610 Jinher Oa MEDIUM Jinher 2025

Referanslar

https://github.com/frwfxc123/CVE/issues/1 https://vuldb.com/?ctiid.325982 https://vuldb.com/?id.325982 https://vuldb.com/?submit.658253

Benzer Kayıtlar

Medium

CVE-2025-11341

A security flaw has been discovered in Jinher OA up to 2.0. This affects an unknown function of the file /c6/Jhsoft.Web.…

Medium

CVE-2025-10816

A security flaw has been discovered in Jinher OA 2.0. This affects an unknown part of the file /c6/Jhsoft.Web.module/Too…

Medium

CVE-2025-10092

A vulnerability was found in Jinher OA up to 1.2. This impacts an unknown function of the file /c6/Jhsoft.Web.projectman…

Medium

CVE-2025-10091

A vulnerability has been found in Jinher OA up to 1.2. This affects an unknown function of the file /c6/Jhsoft.Web.proje…

Medium

CVE-2025-10090

A flaw has been found in Jinher OA up to 1.2. The impacted element is an unknown function of the file /C6/Jhsoft.Web.dep…

Medium

CVE-2025-9931

A vulnerability was detected in Jinher OA 1.0. Affected is an unknown function of the file /jc6/platform/sys/login!chang…