CVE-2025-6761 | Kingdee Cloud-Starry-Sky Enterprise Edition 6.x/7.x/8.x/9.0 Freemarker Engine DynamicForm 4 Action.class plugin.buildMobilePopHtml special elements used in a template engine (KDPSIRT-2025-00090)
A vulnerability was found in Kingdee Cloud-Starry-Sky Enterprise Edition 6.x/7.x/8.x/9.0. It has been rated as critical. Affected by this issue is the function plugin.buildMobilePopHtml of the file k3o2oboswebappactionDynamicForm 4 Action.class of the component Freemarker Engine. The manipulation leads to improper neutralization of special elements used in a template engine.
This vulnerability is handled as CVE-2025-6761. The attack may be launched remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
The vendor explains that in the fixed release “Freemarker is set to ‘ALLOWS_NOTHING_RESOLVER’ to not parse any classes.”
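
The vendor's description matches FreeMarker's `TemplateClassResolver.ALLOWS_NOTHING_RESOLVER` setting for the `?new` built-in. The Java check below is an added example, not Kingdee's code and not part of the original advisory: it renders a benign probe template under the default resolver and under the hardened one, and fails if class resolution is still possible. It assumes FreeMarker 2.3.23 or later on the classpath; the class name `NewBuiltinResolverCheck` and the probe template are constructed for illustration.

```java
import freemarker.core.TemplateClassResolver;
import freemarker.template.Configuration;
import freemarker.template.Template;
import freemarker.template.TemplateException;
import freemarker.template.TemplateExceptionHandler;

import java.io.IOException;
import java.io.StringWriter;
import java.util.Collections;

public class NewBuiltinResolverCheck {

    // Constructed, benign probe: ?new applied to a harmless FreeMarker
    // class (SimpleScalar) that implements TemplateModel.
    static final String PROBE = "${\"freemarker.template.SimpleScalar\"?new(\"probe\")}";

    static Configuration baseConfig() {
        Configuration cfg = new Configuration(Configuration.VERSION_2_3_23);
        // Rethrow template errors instead of writing them into the output.
        cfg.setTemplateExceptionHandler(TemplateExceptionHandler.RETHROW_HANDLER);
        cfg.setLogTemplateExceptions(false);
        return cfg;
    }

    /** Returns true if a template can resolve a class by name through ?new. */
    static boolean classResolutionAllowed(Configuration cfg) throws IOException {
        Template t = new Template("probe", PROBE, cfg);
        try {
            t.process(Collections.emptyMap(), new StringWriter());
            return true;
        } catch (TemplateException e) {
            return false; // the resolver refused to load the class
        }
    }

    public static void main(String[] args) throws IOException {
        // Weak setting: FreeMarker's default resolver is UNRESTRICTED_RESOLVER.
        Configuration legacy = baseConfig();
        // Corrected setting, as named in the vendor's statement.
        Configuration hardened = baseConfig();
        hardened.setNewBuiltinClassResolver(TemplateClassResolver.ALLOWS_NOTHING_RESOLVER);

        System.out.println("default resolver, ?new resolves classes: " + classResolutionAllowed(legacy));
        System.out.println("ALLOWS_NOTHING_RESOLVER, ?new resolves classes: " + classResolutionAllowed(hardened));
        if (classResolutionAllowed(hardened)) {
            throw new IllegalStateException("template class resolution is not blocked");
        }
    }
}
```

The same `classResolutionAllowed` check can be pointed at the `Configuration` object an application actually builds, as a regression test that the hardened resolver stays in place after upgrades.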