CNNVD-202602-1141 Information

Feb 07, 2026 cve

CNNVD ID

CNNVD-202602-1141

CVE-2026-2074

  • CNNVD Published: 2026-02-07

Description (Chinese)

O2OA是O2OA开源的一款企业应用开发平台。 O2OA 9.0.0及之前版本存在代码问题漏洞,该漏洞源于HTTP POST请求处理程序存在XML外部实体引用。

Description (English)

O2OA is an enterprise application development platform for O2OA open sources. O2OA 9.0.0 and previous versions have a code problem loophole, which stems from the presence of an XML external entity in the HTTP POST request process.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

O2OA

Published

2026-02-07

Last Modified

2026-02-24

References

https://github.com/SourByte05/SourByte-Lab/issues/7 https://vuldb.com/?ctiid.344640 https://vuldb.com/?id.344640 https://vuldb.com/?submit.745486 https://vuldb.com/?submit.745489 https://access.redhat.com/security/cve/cve-2026-2074

Share on: