A vulnerability, which was classified as problematic, has been found in hailey888 oa_system. This issue affects some unknown processing of the file /login/LoginsController.java. The manipulation of the argument Username leads to cross site scripting.
The identification of this vulnerability is CVE-2025-29691. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.