CVE-2025-4000 – Seeyon Zhiyuan OA Web Application System Cross Site Scripting Vulnerability

April 28, 2025

CVE ID : CVE-2025-4000

Published : April 28, 2025, 4:15 a.m. | 4 hours, 13 minutes ago

Description : A vulnerability, which was classified as problematic, was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. Affected is an unknown function of the file seeyonoptSeeyonA8ApacheJetspeedwebappsseeyonssoproxyjspssoproxy.jsp. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4001 – “Scip File Descriptor Handler Uncontrolled File Descriptor Consumption Vulnerability”

Next Article CVE-2025-3999 – Seeyon Zhiyuan OA Web Application System Cross-Site Scripting Vulnerability

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-4000 – Seeyon Zhiyuan OA Web Application System Cross Site Scripting Vulnerability

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

UNC1151 Exploits Roundcube Flaw in Spear Phishing Attack

CVE-2025-3499 – Apache OS Command Injection Vulnerability

CVE-2025-4009 – Evertz SVDN 3080ipx-10G PHP Web Management Interface Command Injection and Authentication Bypass

CVE-2025-46250 – Vikas Ratudi VForm Cross-site Scripting

Mafia: The Old Country will be $50, confirms leaked release date of August 2025

CVE-2025-5655 – PHPGurukul Complaint Management System SQL Injection Vulnerability

CVE-2025-5340 – Elementor Music Player Stored Cross-Site Scripting Vulnerability

I tested Dyson’s pricey flagship headphones and they’re better than I expected

CVE-2025-4000 – Seeyon Zhiyuan OA Web Application System Cross Site Scripting Vulnerability

Related Posts