VYPR
Low severity3.5NVD Advisory· Published Jul 21, 2024· Updated Jun 17, 2026

CVE-2024-6939

CVE-2024-6939

Description

A vulnerability was found in Xinhu RockOA 2.6.3 and classified as problematic. Affected by this issue is the function okla of the file /webmain/public/upload/tpl_upload.html. The manipulation of the argument callback leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-271994 is the identifier assigned to this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Xinhu/Rockoallm-fuzzy2 versions
    = 2.6.3+ 1 more
    • (no CPE)range: = 2.6.3
    • (no CPE)range: 2.6.3

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.