Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5
CVE-2025-9602
- EPSS 0.03%
- Published 29.08.2025 01:02:10
- Last modified 11.09.2025 12:43:41
A vulnerability was found in Xinhu RockOA up to 2.6.9. Impacted is the function publicsaveAjax of the file /index.php. Performing manipulation results in improper authorization. The attack is possible to be carried out remotely. The exploit has been ...
6.1
CVE-2024-6939
- EPSS 0.11%
- Published 21.07.2024 05:15:04
- Last modified 21.11.2024 09:50:35
A vulnerability was found in Xinhu RockOA 2.6.3 and classified as problematic. Affected by this issue is the function okla of the file /webmain/public/upload/tpl_upload.html. The manipulation of the argument callback leads to cross site scripting. Th...
6.1
CVE-2024-37622
- EPSS 0.63%
- Published 17.06.2024 14:15:11
- Last modified 30.04.2025 23:53:02
Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the num parameter at /flow/flow.php.
1