Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2023-47418

Disclosure Date: November 30, 2023 (last updated December 06, 2023)
Remote Code Execution (RCE) vulnerability in o2oa version 8.1.2 and before, allows attackers to create a new interface in the service management function to execute JavaScript.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-22916

Disclosure Date: February 17, 2022 (last updated October 07, 2023)
O2OA v6.4.7 was discovered to contain a remote code execution (RCE) vulnerability via /x_program_center/jaxrs/invoke.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0