CVE-2021-4461
CRITICAL EXPLOITEDSeeyon Zhiyuan OA Web App <7.0 SP1 - Info Disclosure
Title source: llmDescription
Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode and parse the `enc` parameter in thirdpartyController.do. The decoded map values can influence session attributes without sufficient authentication/authorization checks, enabling attackers to assign a session to arbitrary user IDs. VulnCheck has observed this vulnerability being exploited in the wild as of 2025-10-30 at 00:30:40.855917 UTC.
References (4)
Core 3Other ecosystem 1
Core References
Various Sources exploit
https://github.com/chaitin/xray/blob/f90cf321bc4d294bbf6625a9c4853f3bfdf0a384/pocs/seeyon-oa-cookie-leak.yml
Various Sources exploit
https://github.com/projectdiscovery/nuclei-templates/blob/1ca6b8e6fe225cbd46dcb893dcaee01447afa8c0/http/misconfiguration/seeyon-unauth.yaml#L20
Third Party Advisory third-party-advisory
https://www.vulncheck.com/advisories/seeyon-zhiyuan-oa-web-application-system-authentication-bypass
Other Ecosystem Writeups (1)
Various Sources exploit
https://mp.weixin.qq.com/s/0AqdfTrZUVrwTMbKEKresg
Scores
CVSS v4
9.3
EPSS
0.0010
EPSS Percentile
27.6%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
VulnCheck KEV
2025-10-30
CWE
CWE-306
Status
published
Products (1)
Seeyon/Zhiyuan OA Web Application System
< 7.0 SP1
Published
Oct 30, 2025
Tracked Since
Feb 18, 2026