← back
CVE-2025-9669

Jinher OA GetTreeDate.aspx sql injection

CVSS 6.9 MEDIUMEPSS 0.4%CWE-74CWE-89
A vulnerability has been found in Jinher OA 1.0. This issue affects some unknown processing of the file GetTreeDate.aspx. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Affected products
Jinher · OA

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/1276486/CVE/issues/1https://vuldb.com/?ctiid.321876https://vuldb.com/?id.321876https://vuldb.com/?submit.637413