CVE-2025-10274 | erjinzhi 10OA 1.0 /trial/mvc/item Name cross site scripting

A vulnerability was found in erjinzhi 10OA 1.0. It has been classified as problematic. Affected by this issue is some unknown functionality of the file /trial/mvc/item. Performing manipulation of the argument Name results in cross site scripting.

This vulnerability was named CVE-2025-10274. The attack may be initiated remotely. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More