{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-9646", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2025-08-29T06:02:55.638Z", "datePublished": "2025-08-29T13:02:06.803Z", "dateUpdated": "2025-08-29T13:45:03.471Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-08-29T13:02:06.803Z"}, "title": "O2OA calendarConfig cross site scripting", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-79", "lang": "en", "description": "Cross Site Scripting"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-94", "lang": "en", "description": "Code Injection"}]}], "affected": [{"vendor": "n/a", "product": "O2OA", "versions": [{"version": "10.0-410", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in O2OA up to 10.0-410. This vulnerability affects unknown code of the file /x_organization_assemble_personal/jaxrs/definition/calendarConfig. The manipulation of the argument toMonthViewName results in cross site scripting. The attack can be launched remotely. The exploit has been released to the public and may be exploited. The vendor replied in the GitHub issue (translated from simplified Chinese): \"This issue will be fixed in the new version.\""}, {"lang": "de", "value": "Es wurde eine Schwachstelle in O2OA bis 10.0-410 entdeckt. Dabei geht es um eine nicht genauer bekannte Funktion der Datei /x_organization_assemble_personal/jaxrs/definition/calendarConfig. Durch das Manipulieren des Arguments toMonthViewName mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff l\u00e4sst sich \u00fcber das Netzwerk starten. Der Exploit ist \u00f6ffentlich verf\u00fcgbar und k\u00f6nnte genutzt werden."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.1, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C", "baseSeverity": "LOW"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C", "baseSeverity": "LOW"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N/E:POC/RL:ND/RC:C"}}], "timeline": [{"time": "2025-08-29T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2025-08-29T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2025-08-29T08:08:11.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "meraklbz (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.321853", "name": "VDB-321853 | O2OA calendarConfig cross site scripting", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.321853", "name": "VDB-321853 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.636625", "name": "Submit #636625 | o2oa \u2264 10.0-410-g3d5e0d2 XSS", "tags": ["third-party-advisory"]}, {"url": "https://github.com/o2oa/o2oa/issues/170", "tags": ["issue-tracking"]}, {"url": "https://github.com/o2oa/o2oa/issues/170#issuecomment-3212894835", "tags": ["issue-tracking"]}, {"url": "https://github.com/o2oa/o2oa/issues/170#issue-3328947938", "tags": ["exploit", "issue-tracking"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-29T13:44:49.166545Z", "id": "CVE-2025-9646", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-29T13:45:03.471Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-9646", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-29T13:44:49.166545Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-29T13:44:54.850Z"}}], "cna": {"title": "O2OA calendarConfig cross site scripting", "credits": [{"lang": "en", "type": "reporter", "value": "meraklbz (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.5, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.5, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N/E:POC/RL:ND/RC:C"}}], "affected": [{"vendor": "n/a", "product": "O2OA", "versions": [{"status": "affected", "version": "10.0-410"}]}], "timeline": [{"lang": "en", "time": "2025-08-29T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2025-08-29T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2025-08-29T08:08:11.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.321853", "name": "VDB-321853 | O2OA calendarConfig cross site scripting", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.321853", "name": "VDB-321853 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.636625", "name": "Submit #636625 | o2oa \u2264 10.0-410-g3d5e0d2 XSS", "tags": ["third-party-advisory"]}, {"url": "https://github.com/o2oa/o2oa/issues/170", "tags": ["issue-tracking"]}, {"url": "https://github.com/o2oa/o2oa/issues/170#issuecomment-3212894835", "tags": ["issue-tracking"]}, {"url": "https://github.com/o2oa/o2oa/issues/170#issue-3328947938", "tags": ["exploit", "issue-tracking"]}], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in O2OA up to 10.0-410. This vulnerability affects unknown code of the file /x_organization_assemble_personal/jaxrs/definition/calendarConfig. The manipulation of the argument toMonthViewName results in cross site scripting. The attack can be launched remotely. The exploit has been released to the public and may be exploited. The vendor replied in the GitHub issue (translated from simplified Chinese): \"This issue will be fixed in the new version.\""}, {"lang": "de", "value": "Es wurde eine Schwachstelle in O2OA bis 10.0-410 entdeckt. Dabei geht es um eine nicht genauer bekannte Funktion der Datei /x_organization_assemble_personal/jaxrs/definition/calendarConfig. Durch das Manipulieren des Arguments toMonthViewName mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff l\u00e4sst sich \u00fcber das Netzwerk starten. Der Exploit ist \u00f6ffentlich verf\u00fcgbar und k\u00f6nnte genutzt werden."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "Cross Site Scripting"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "Code Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-08-29T13:02:06.803Z"}}}, "cveMetadata": {"cveId": "CVE-2025-9646", "state": "PUBLISHED", "dateUpdated": "2025-08-29T13:45:03.471Z", "dateReserved": "2025-08-29T06:02:55.638Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2025-08-29T13:02:06.803Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zoneland:o2oa:*:*:*:*:*:*:*:*", "matchCriteriaId": "01EA8AA6-AC92-4F88-A35C-C05342638C1F", "versionEndIncluding": "10.0-410", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in O2OA up to 10.0-410. This vulnerability affects unknown code of the file /x_organization_assemble_personal/jaxrs/definition/calendarConfig. The manipulation of the argument toMonthViewName results in cross site scripting. The attack can be launched remotely. The exploit has been released to the public and may be exploited. The vendor replied in the GitHub issue (translated from simplified Chinese): \"This issue will be fixed in the new version.\""}], "id": "CVE-2025-9646", "lastModified": "2025-09-16T16:37:31.810", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2025-08-29T13:15:39.510", "references": [{"source": "cna@vuldb.com", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://github.com/o2oa/o2oa/issues/170"}, {"source": "cna@vuldb.com", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://github.com/o2oa/o2oa/issues/170#issue-3328947938"}, {"source": "cna@vuldb.com", "tags": ["Issue Tracking"], "url": "https://github.com/o2oa/o2oa/issues/170#issuecomment-3212894835"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required", "VDB Entry"], "url": "https://vuldb.com/?ctiid.321853"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?id.321853"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?submit.636625"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-94"}], "source": "cna@vuldb.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}