CNNVD-202510-795 Information

CNNVD ID

CNNVD-202510-795

Related CVE

CVE-2025-11341

• CNNVD Published: 2025-10-06

Description (Chinese)

Jinher OA是中国金和（Jinher）公司的一款协同管理软件。 Jinher OA 2.0及之前版本存在代码问题漏洞，该漏洞源于对文件/c6/Jhsoft.Web.module/eformaspx/WebDesign.aspx中未知函数的操作，可能导致XML外部实体引用攻击。

Description (English)

Jinher OA is a co-management software from Jinher China. Jinher OA 2.0 and previous versions had a code problem loophole, which stemmed from the operation of an unknown function in file/c6/Jhsoft.Web.module/eformaspx/WebDesign.aspx, which could lead to an attack on an external XML entity.

Hazard Level

Medium

Vulnerability Type

代码问题

Published

2025-10-06

Last Modified

2026-02-24

References

https://github.com/rookie1006/CVE/issues/2 https://vuldb.com/?ctiid.327226 https://vuldb.com/?id.327226 https://vuldb.com/?submit.664613