Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

O2OA — Vulnerabilities & Security Advisories 20

All 20 CVE vulnerabilities found in O2OA, with AI-generated Chinese analysis, references, and POCs.

Vendor: Zhejiang Land Zongheng Network Technology

CVE IDTitleCVSSSeverityPublished
CVE-2026-2074 O2OA HTTP POST Request check xml external entity reference CWE-611 6.3 Medium2026-02-07
CVE-2025-9737 O2OA Personal Profile importmodel cross site scripting CWE-79 3.5 Low2025-08-31
CVE-2025-9736 O2OA Personal Profile statement cross site scripting CWE-79 3.5 Low2025-08-31
CVE-2025-9735 O2OA Personal Profile table cross site scripting CWE-79 3.5 Low2025-08-31
CVE-2025-9734 O2OA Personal Profile stat cross site scripting CWE-79 3.5 Low2025-08-31
CVE-2025-9719 O2OA Personal Profile script cross site scripting CWE-79 3.5 Low2025-08-31
CVE-2025-9718 O2OA Personal Profile process cross site scripting CWE-79 3.5 Low2025-08-31
CVE-2025-9717 O2OA Personal Profile unit cross site scripting CWE-79 3.5 Low2025-08-31
CVE-2025-9716 O2OA Personal Profile form cross site scripting CWE-79 3.5 Low2025-08-31
CVE-2025-9715 O2OA Personal Profile script cross site scripting CWE-79 3.5 Low2025-08-31
CVE-2025-9683 O2OA Personal Profile form cross site scripting CWE-79 3.5 Low2025-08-30
CVE-2025-9682 O2OA Personal Profile appdict cross site scripting CWE-79 3.5 Low2025-08-30
CVE-2025-9681 O2OA Personal Profile agent cross site scripting CWE-79 3.5 Low2025-08-30
CVE-2025-9680 O2OA Personal Profile page cross site scripting CWE-79 3.5 Low2025-08-30
CVE-2025-9659 O2OA Personal Profile widget cross site scripting CWE-79 3.5 Low2025-08-29
CVE-2025-9658 O2OA Personal Profile dict cross site scripting CWE-79 3.5 Low2025-08-29
CVE-2025-9657 O2OA Personal Profile script cross site scripting CWE-79 3.5 Low2025-08-29
CVE-2025-9655 O2OA Personal Profile person cross site scripting CWE-79 3.5 Low2025-08-29
CVE-2025-9646 O2OA calendarConfig cross site scripting CWE-79 3.5 Low2025-08-29
CVE-2024-3689 Zhejiang Land Zongheng Network Technology O2OA information disclosure CWE-200 3.7 Low2024-04-12

All 20 known CVE vulnerabilities affecting O2OA with full Chinese analysis, references, and POCs where available.