Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Nov 18, 2025· Updated Nov 19, 2025

CVE-2025-63695

CVE-2025-63695

Description

DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php/controller.php.

Affected products

2

DzzOffice/DzzOfficedescription
Dzz/DzzOfficellm-fuzzy
Range: <=2.3.7

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

github.com/zyx0814/dzzoffice/issues/365mitre

News mentions

0

No linked articles in our index yet.