Description
xinhu xinhuoa 2.2.1 contains a File upload vulnerability.
References (3)
Core 3
Core References
Third Party Advisory
https://gist.github.com/Maverickfir/b8113bdb51ec66e454ffa5b50674c446
Exploit, Third Party Advisory
https://github.com/Maverickfir/Vulnerability-recurrence/blob/main/xinhuOA.md
Scores
CVSS v3
9.8
EPSS
0.0016
EPSS Percentile
37.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
total
Details
CWE
CWE-434
Status
published
Products (1)
rockoa/xinhu
2.2.1
Published
Dec 06, 2023
Tracked Since
Feb 18, 2026