Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Xinhu RockOA index.php publicsaveAjax improper authorization
Vulnerability Description
A vulnerability was found in Xinhu RockOA up to 2.6.9. Impacted is the function publicsaveAjax of the file /index.php. Performing manipulation results in improper authorization. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
授权机制不恰当
Vulnerability Title
Xinhu RockOA 安全漏洞
Vulnerability Description
Xinhu RockOA是中国信呼(Xinhu)公司的一个办公OA系统。 Xinhu RockOA 2.6.9及之前版本存在安全漏洞,该漏洞源于文件/index.php中函数publicsaveAjax存在授权不当问题。
CVSS Information
N/A
Vulnerability Type
N/A