CVE-2025-29691 – OA System XSS

May 14, 2025

CVE ID : CVE-2025-29691

Published : May 14, 2025, 10:15 p.m. | 52 minutes ago

Description : A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the userName parameter at /login/LoginsController.java.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-29689 – OA System Cross-Site Scripting (XSS)

Next Article CVE-2025-29686 – OA System Cross-Site Scripting (XSS)

Highlights

CVE-2025-5163 – “Yangshare WarehouseManager Remote Unauthenticated Access Control Bypass”

May 26, 2025

CVE ID : CVE-2025-5163

Published : May 26, 2025, 2:15 a.m. | 2 hours, 55 minutes ago

Description : A vulnerability, which was classified as problematic, was found in yangshare 技术杨工 warehouseManager 仓库管理系统 1.0. This affects an unknown part. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

SteelSeries’ latest wireless mouse is cheap and colorful — but is this the one to spend your money on?

DistroWatch Weekly, Issue 1128

Your Slack app is getting a big upgrade – here’s how to try the new AI features

How Code Feedback MCP Enhances AI-Generated Code Quality

How Code Feedback MCP Enhances AI-Generated Code Quality

PRSS Site Creator – Create Blogs and Websites from Your Desktop

Say hello to ECMAScript 2025

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

SteelSeries’ latest wireless mouse is cheap and colorful — but is this the one to spend your money on?

Microsoft confirms Windows 11 25H2, might make Windows more stable

CVE-2025-29691 – OA System XSS

Synology ABM Flaw (CVE-2025-4679) Leaks Global Client Secret, Exposing ALL Microsoft 365 Tenants

D-Link DIR-816 Router Alert: 6 Critical Flaws (CVSS 9.8) Allow Remote Code Execution, NO PATCHES

Windows Common Log File System Driver Vulnerability Let Attackers Escalate Privileges

How to replace your Windows 11 Start menu with a better alternative – including my favorite

CVE-2025-4480 – Apache Code-Projects Simple College Management System Stack-Based Buffer Overflow Vulnerability

LitePub is a lightweight static blog generator

CVE-2025-5163 – “Yangshare WarehouseManager Remote Unauthenticated Access Control Bypass”

CVE-2025-26997 – Validas Wireless Butler Cross-site Scripting

How Imports Work in React Server Components (RSC)

Urgent CISA Alert: Ransomware Actors Exploiting SimpleHelp RMM Flaw (CVE-2024-57727)

CVE-2025-29691 – OA System XSS

Related Posts