CVE-2025-2030

Name of the Vulnerable Software and Affected Versions Seeyon Zhiyuan Interconnect FE Collaborative Office Platform versions up to 20250224

Description A critical issue affects some unknown functionality of the file /security/addUser.jsp, where the manipulation of the groupId argument leads to SQL injection. This issue can be exploited remotely.

Recommendations For Seeyon Zhiyuan Interconnect FE Collaborative Office Platform versions up to 20250224, as a temporary workaround, consider restricting access to the /security/addUser.jsp file and avoid using the groupId argument until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.