CVE-2025-10272 | erjinzhi 10OA 1.0 /trial/mvc/catalogue Name cross site scripting

A vulnerability has been found in erjinzhi 10OA 1.0 and classified as problematic. Affected is an unknown function of the file /trial/mvc/catalogue. This manipulation of the argument Name causes cross site scripting.

This vulnerability is handled as CVE-2025-10272. The attack can be initiated remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More