Security Advisory

CVE-2025-25589

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-18 00:00:00
Last updated 2025-03-21 13:35:19
Assigner mitre
State PUBLISHED

Description

An XML external entity (XXE) injection vulnerability in the component /weixin/aes/XMLParse.java of yimioa before v2024.07.04 allows attackers to execute arbitrary code via supplying a crafted XML file.