CVE-2025-13249 | Jiusi OA up to 20251102 OfficeServer Interface OfficeServer?isAjaxDownloadTemplate=false FileData unrestricted upload

A vulnerability described as critical has been identified in Jiusi OA up to 20251102. This affects an unknown function of the file /OfficeServer?isAjaxDownloadTemplate=false of the component OfficeServer Interface. Such manipulation of the argument FileData leads to unrestricted upload.

This vulnerability is uniquely identified as CVE-2025-13249. The attack can be launched remotely. Moreover, an exploit is present.VulDB Recent EntriesRead More