Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Xinhu RockOA start backup
Vulnerability Description
A vulnerability was found in Xinhu RockOA 2.3.2. It has been classified as problematic. This affects the function start of the file task.php?m=sys|runt&a=beifen. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240927.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
将备份文件暴露给非授权控制范围
Vulnerability Title
RockOA 安全漏洞
Vulnerability Description
RockOA(信呼)是一套开源的办公OA系统。 Xinhu RockOA 2.3.2版本存在安全漏洞。攻击者利用该漏洞导致备份文件暴露给未经授权的控制范围。
CVSS Information
N/A
Vulnerability Type
N/A