VYPR
Low severity3.5NVD Advisory· Published Aug 31, 2025· Updated Apr 29, 2026

CVE-2025-9717

CVE-2025-9717

Description

A vulnerability was identified in O2OA up to 10.0-410. Affected by this issue is some unknown functionality of the file /x_organization_assemble_control/jaxrs/unit/ of the component Personal Profile Page. Such manipulation of the argument name/shortName/distinguishedName/pinyin/pinyinInitial/levelName leads to cross site scripting. The attack may be launched remotely. The exploit is publicly available and might be used.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:zoneland:o2oa:*:*:*:*:*:*:*:*
    Range: <=10.0-410
  • O2oa/O2oallm-fuzzy
    Range: <=10.0-410

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.