CNNVD-202512-1253 Information
Dec 09, 2025
cve
CNNVD ID
CNNVD-202512-1253
Related CVE
- CNNVD Published: 2025-12-09
Description (Chinese)
Xinhu RockOA是中国信呼(Xinhu)公司的一个办公OA系统。 Xinhu RockOA 2.7.0版本存在安全漏洞,该漏洞源于文件cliAction.php中函数urltestAction存在跨站脚本漏洞,可能导致注入任意Web脚本或HTML。
Description (English)
Xinhu RockOA is an OA office system of Xinhu China. Xinhu RockOA version 2.7.0 contains a security loophole, which stems from the existence of a cross-site script loophole in the function urltestaction in filecliAction.php, which may result in the injection of any Web script or HTML.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
信呼
Published
2025-12-09
Last Modified
2026-02-24
References
https://github.com/rainrocka/xinhu/issues/10
Share on: