CVE-2025-7823 | Jinher OA 1.2 ProjectScheduleDelete.aspx xml external entity reference

Inserito da Angelo Barbosa | Lug 18, 2025 | CVE

A vulnerability was found in Jinher OA 1.2. It has been declared as problematic. This vulnerability affects unknown code of the file ProjectScheduleDelete.aspx. The manipulation leads to xml external entity reference.

This vulnerability was named CVE-2025-7823. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-7823 | Jinher OA 1.2 ProjectScheduleDelete.aspx xml external entity reference

Post correlati

CVE-2024-28519 | MicroWorld eScan Antivirus 4.0.0.49 Kernel ProcObsrvesx.sys Privilege Escalation

CVE-2025-0049 | Fortra GoAnywhere up to 7.7 information exposure

CVE-2024-7062 | Nimble Commander up to 1.6.0 Build 4087 on macOS info.filesmanager.Files.PrivilegedIOHelperV2 authorization

CVE-2024-22290 | AboZain O7abeeb UnitOne Custom Dashboard Widgets Plugin up to 1.3.1 on WordPress cross-site request forgery