CVE-2025-9717
BaseFortify
Publication date: 2025-08-31
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| zoneland | o2oa | to 10.0-410 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-9717 is a stored cross-site scripting (XSS) vulnerability in the O2OA application, specifically affecting versions up to 10.0-410. It occurs in the personal profile page component at the endpoint /x_organization_assemble_control/jaxrs/unit/{flag}. The vulnerability arises because user input in fields like name, shortName, distinguishedName, pinyin, pinyinInitial, and levelName is not properly sanitized before being stored and later rendered. This allows attackers to inject malicious scripts that execute in the browsers of users who view the affected profile, leading to persistent XSS. [1, 2, 3]
How can this vulnerability impact me? :
This vulnerability can lead to persistent execution of malicious JavaScript in the browsers of users who view the compromised personal profile page. The impact includes theft of session tokens or sensitive user data, unauthorized actions performed on behalf of authenticated users, and potential compromise of user accounts or data integrity. Since the exploit is publicly available and can be launched remotely, attackers can easily exploit this flaw to affect users. [2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for the presence of malicious scripts in the affected endpoint `/x_organization_assemble_control/jaxrs/unit/{flag}`. A practical approach is to send crafted HTTP requests (e.g., PUT requests) with payloads containing typical XSS test scripts such as `<img src=1 onerror=alert(1)>` in the fields name, shortName, distinguishedName, pinyin, or levelName, and then observe if the script executes when the profile is viewed. Network monitoring tools can also be used to detect suspicious PUT requests to this endpoint. Example command using curl to test the vulnerability: `curl -X PUT -H "Content-Type: application/json" -d '{"name":"<img src=1 onerror=alert(1)>", "shortName":"test"}' https://target/o2oa/x_organization_assemble_control/jaxrs/unit/testflag`. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include filtering and escaping user input in the affected profile fields (name, shortName, distinguishedName, pinyin, pinyinInitial, levelName) before storing them, and ensuring proper output encoding when rendering this data in the application to prevent script execution. If possible, restrict or monitor access to the vulnerable endpoint to reduce exposure. Since no official patches or countermeasures are currently available, consider disabling or replacing the affected component until a fix is released. [2, 3]