CVE-2025-9715
BaseFortify
Publication date: 2025-08-31
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| zoneland | o2oa | to 10.0-410 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-9715 is a stored cross-site scripting (XSS) vulnerability in the O2OA application (versions up to 10.0-410) affecting the Personal Profile Page component at the endpoint `/x_cms_assemble_control/jaxrs/script`. It occurs because user inputs in profile fields such as "name," "alias," and "description" are not properly sanitized before being stored and later rendered. This allows attackers to inject malicious JavaScript code that executes in the browsers of users who view the affected profiles, potentially compromising user data and session integrity. [1, 2, 3]
How can this vulnerability impact me? :
This vulnerability can lead to persistent execution of malicious JavaScript in the browsers of users who view the compromised profiles. The impact includes theft of session tokens, exposure of sensitive user data, and unauthorized actions performed on behalf of authenticated users. Because the exploit is publicly available and can be launched remotely, it poses a moderate risk to affected systems and users. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for the presence of malicious script payloads in the user-controllable parameters 'name', 'alias', and 'description' at the endpoint `/x_cms_assemble_control/jaxrs/script`. One way to detect exploitation attempts is to monitor HTTP POST requests to this endpoint containing suspicious payloads such as `"><img src=1 onerror=alert(1)>`. Network monitoring tools or web application firewalls (WAF) can be configured to alert on such patterns. Additionally, you can use curl or similar tools to send crafted requests to test if the endpoint is vulnerable. Example command to test the vulnerability: `curl -X POST -H "Content-Type: application/json" -d '{"name":"\"><img src=1 onerror=alert(1)>","alias":"test","description":"test"}' https://your-o2oa-instance/x_cms_assemble_control/jaxrs/script` and then check if the script executes when viewing the profile page. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include filtering and escaping user inputs in the 'name', 'alias', and 'description' fields before storage, and ensuring proper output encoding when rendering these fields to prevent script execution. Since no official patch is currently available, you should consider restricting access to the vulnerable endpoint, applying web application firewall rules to block malicious payloads, and educating users to avoid interacting with suspicious profiles. Ultimately, upgrading to a fixed version once released by the vendor is recommended. [2, 3]