CVE-2025-4531 | Seeyon Zhiyuan OA Web Application System 8.1 SP2 Beetl Template EhrSalaryPayrollServiceImpl.class postData payrollId code injection

Inserito da Angelo Barbosa | Mag 10, 2025 | CVE

A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been rated as critical. Affected by this issue is the function postData of the file ROOTWEB-INFclassescomourswwwehrsalaryservicedataEhrSalaryPayrollServiceImpl.class of the component Beetl Template Handler. The manipulation of the argument payrollId leads to code injection.

This vulnerability is handled as CVE-2025-4531. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2025-4531 | Seeyon Zhiyuan OA Web Application System 8.1 SP2 Beetl Template EhrSalaryPayrollServiceImpl.class postData payrollId code injection

Post correlati

CVE-2024-23487 | Intel Server D50DNP improper authentication (intel-sa-01080)

CVE-2024-30356 | Foxit PDF Reader AcroForm out-of-bounds

CVE-2024-2169 | UDP Application Protocol Packet denial of service

CVE-2025-1954 | PHPGurukul Human Metapneumovirus Testing Management System 1.0 /login.php username sql injection