VYPR

Yudao Cloud

by Iocoder

CVEs (3)

  • CVE-2025-10987MedSep 26, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was determined in YunaiV yudao-cloud up to 2025.09. Affected by this issue is some unknown functionality of the file /crm/contact/transfer of the component HTTP Request Handler. This manipulation of the argument contactId causes improper authorization. It is…

  • CVE-2025-10277MedSep 12, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was detected in YunaiV yudao-cloud up to 2025.09. This issue affects some unknown processing of the file /crm/receivable/submit. The manipulation of the argument ID results in improper authorization. The attack can be executed remotely. The exploit is now public…

  • CVE-2025-10275MedSep 12, 2025
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in YunaiV yudao-cloud up to 2025.09. This affects an unknown part of the file /crm/business/transfer. Executing manipulation of the argument ids/newOwnerUserId can lead to improper authorization. The attack may be launched remotely. The exploit has…