Vulnerabilities (CVE)

Filtered by vendor Zoneland Subscribe
Filtered by product O2oa
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-47418 1 Zoneland 1 O2oa 2024-02-05 N/A 9.8 CRITICAL
Remote Code Execution (RCE) vulnerability in o2oa version 8.1.2 and before, allows attackers to create a new interface in the service management function to execute JavaScript.
CVE-2022-22916 1 Zoneland 1 O2oa 2024-02-04 7.5 HIGH 9.8 CRITICAL
O2OA v6.4.7 was discovered to contain a remote code execution (RCE) vulnerability via /x_program_center/jaxrs/invoke.