CVE-2025-63739 | Xinhu Rainrock RockOA 2.7.0 Configuration coginiAction.php phpinisaveAction improper authentication (Issue 12)

A vulnerability, which was classified as critical, was found in Xinhu Rainrock RockOA 2.7.0. Affected by this vulnerability is the function phpinisaveAction of the file webmain/system/cogini/coginiAction.php of the component Configuration Handler. Such manipulation leads to improper authentication.

This vulnerability is documented as CVE-2025-63739. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More