CVE-2025-29691 – OA System XSS

May 14, 2025

CVE ID : CVE-2025-29691

Published : May 14, 2025, 10:15 p.m. | 52 minutes ago

Description : A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the userName parameter at /login/LoginsController.java.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-29689 – OA System Cross-Site Scripting (XSS)

Next Article CVE-2025-29686 – OA System Cross-Site Scripting (XSS)

Highlights

Exploits and vulnerabilities in Q1 2025

May 30, 2025

Exploits and vulnerabilities in Q1 2025

The first quarter of 2025 saw the continued publication of vulnerabilities discovered and fixed in 2024, as some researchers were previously unable to disclose the details. This partially shifted the …
Read more

Published Date:
May 30, 2025 (1 hour, 50 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-24071

CVE-2025-21333

CVE-2024-35250

CVE-2022-3699

CVE-2023-38831

CVE-2022-0847

CVE-2021-3156

CVE-2019-13272

CVE-2018-0802

CVE-2017-11882

CVE-2017-0199

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

From Line To Layout: How Past Experiences Shape Your Design Career

Hire React.js Developers in the US: How to Choose the Right Team for Your Needs

Google’s coding agent Jules gets critique functionality

The best smartphones without AI features in 2025: Expert tested and recommended

GPT-5 was supposed to simplify ChatGPT but now it has 4 new modes – here’s why

Gemini just got two of ChatGPT’s best features – and they’re free

The HP OmniBook 5 laptop offers 34 hours of battery life – and it’s 60% off today only

Laravel Boost is released

Laravel Boost is released

Frontend Standards for Optimizely Configured Commerce: Clean & Scalable Web Best Practices

Live Agent Escalation in Copilot Studio Using D365 Omnichannel – Architecture and Use Case

OpenAI’s Sam Altman: GPT-5 fails to meet AGI standards amid Microsoft’s fading partnership — “it’s still missing something”

OpenAI’s Sam Altman: GPT-5 fails to meet AGI standards amid Microsoft’s fading partnership — “it’s still missing something”

You Think You Need a Monster PC to Run Local AI, Don’t You? — My Seven-Year-Old Mid-range Laptop Says Otherwise

8 Registry Tweaks that will Make File Explorer Faster and Easier to Use on Windows 11

CVE-2025-29691 – OA System XSS

How the always-on generation can level up its cybersecurity game

Supply-chain dependencies: Check your resilience blind spot

CVE-2025-54365 – Fastapi-Guard Regular Expression ReDoS Bypass

IceBox converts images into a PDF file

‘Xbox PC’ branding appears to have shifted to ‘Xbox on PC’ — a subtle change but one that makes way more sense

CVE-2025-4613 – Google Web Designer Path Traversal Remote Code Execution Vulnerability

Exploits and vulnerabilities in Q1 2025

cybercog/laravel-clickhouse

spatie/laravel-mailcoach-sdk

Databricks Co-Founder Launches New AI Research Lab to Focus on “What’s Good for People”

CVE-2025-29691 – OA System XSS

Related Posts