CNNVD-202511-2010 Information
Nov 18, 2025
cve
CNNVD ID
CNNVD-202511-2010
Related CVE
- CNNVD Published: 2025-11-18
Description (Chinese)
DzzOffice是大桌子(DzzOffice)公司的一个可提供在线协同办公套件功能的平台。提供在线文档、表格、网盘、演示等功能。 DzzOffice v2.3.7及之前版本存在安全漏洞,该漏洞源于explorer/groupmanage容易受到SQL注入攻击。
Description (English)
DzzOffice is a platform for the DzzOffice company to provide online teamwork. Provides online documentation, tables, webpads, presentations, etc. DzzOffice v2.3.7 and previous versions contain a security loophole that stems from the vulnerability of expler/groupmanage to SQL injections.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
大桌子
Published
2025-11-18
Last Modified
2026-02-24
References
https://github.com/Yohane-Mashiro/dzzoffice_sql https://github.com/zyx0814/dzzoffice/issues/364 https://access.redhat.com/security/cve/cve-2025-63694
Patch
https://github.com/zyx0814/dzzoffice/releases
Share on: