mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
119 lines
4.3 KiB
JSON
119 lines
4.3 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2025-4000",
|
|
"ASSIGNER": "cna@vuldb.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability, which was classified as problematic, was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. Affected is an unknown function of the file seeyon\\opt\\Seeyon\\A8\\ApacheJetspeed\\webapps\\seeyon\\ssoproxy\\jsp\\ssoproxy.jsp. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
|
|
},
|
|
{
|
|
"lang": "deu",
|
|
"value": "Es wurde eine Schwachstelle in Seeyon Zhiyuan OA Web Application System 8.1 SP2 gefunden. Sie wurde als problematisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock der Datei seeyon\\opt\\Seeyon\\A8\\ApacheJetspeed\\webapps\\seeyon\\ssoproxy\\jsp\\ssoproxy.jsp. Durch Manipulieren des Arguments Name mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Cross Site Scripting",
|
|
"cweId": "CWE-79"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Code Injection",
|
|
"cweId": "CWE-94"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Seeyon",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Zhiyuan OA Web Application System",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "8.1 SP2"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://vuldb.com/?id.306336",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?id.306336"
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?ctiid.306336",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?ctiid.306336"
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?submit.558067",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?submit.558067"
|
|
},
|
|
{
|
|
"url": "https://wx.mail.qq.com/s?k=g1PB2UUAekANSMkHzr",
|
|
"refsource": "MISC",
|
|
"name": "https://wx.mail.qq.com/s?k=g1PB2UUAekANSMkHzr"
|
|
}
|
|
]
|
|
},
|
|
"credits": [
|
|
{
|
|
"lang": "en",
|
|
"value": "caichaoxiong (VulDB User)"
|
|
}
|
|
],
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"version": "3.1",
|
|
"baseScore": 3.5,
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
|
|
"baseSeverity": "LOW"
|
|
},
|
|
{
|
|
"version": "3.0",
|
|
"baseScore": 3.5,
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
|
|
"baseSeverity": "LOW"
|
|
},
|
|
{
|
|
"version": "2.0",
|
|
"baseScore": 4,
|
|
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
|
|
}
|
|
]
|
|
}
|
|
} |