CVE-2025-9719
BaseFortify
Publication date: 2025-08-31
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| zoneland | o2oa | to 10.0-410 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-9719 is a stored cross-site scripting (XSS) vulnerability in O2OA versions up to 10.0-410, specifically in the Personal Profile Page component. It occurs because user inputs in fields like name, alias, description, and applicationName are not properly sanitized before being stored and later rendered. This allows attackers to inject malicious scripts that execute persistently when other users view the affected profile page, potentially compromising user data and application integrity. [1, 2, 3]
How can this vulnerability impact me? :
This vulnerability can lead to persistent execution of malicious JavaScript in the browsers of users who view the compromised profile pages. This can result in theft of session tokens, exposure of sensitive user data, and unauthorized actions performed on behalf of authenticated users. The attack can be executed remotely and requires some user interaction, making it a significant risk to data integrity and user security. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the vulnerable endpoint `/x_processplatform_assemble_designer/jaxrs/script` for stored cross-site scripting (XSS) by sending crafted POST requests with malicious script payloads in the fields name, alias, description, or applicationName. For example, you can use curl to send a JSON payload containing a script or an image tag with an onerror event to see if the script executes when the profile is viewed. Example command: curl -X POST -H "Content-Type: application/json" -d '{"name":"<img src=x onerror=alert(1)>"}' https://your-o2oa-instance/x_processplatform_assemble_designer/jaxrs/script. Monitoring HTTP traffic for suspicious payloads or unexpected script execution in user profiles can also help detect exploitation attempts. [3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include filtering and escaping user inputs in the affected profile fields (name, alias, description, applicationName) before storing them, and ensuring proper output encoding when rendering these fields to prevent script execution. If possible, consider disabling or restricting access to the vulnerable endpoint until a patch or update is available. Since no known countermeasures or official patches are identified, replacing the affected product or applying custom input sanitization and output encoding is recommended to reduce risk. [2, 3]