CVE-2025-15436

Name of the Vulnerable Software and Affected Versions Yonyou KSOA version 9.0

Description A SQL injection issue exists in Yonyou KSOA 9.0 due to manipulation of the Report argument within the file /worksheet/work edit.jsp. This allows for remote attacks. The exploit details have been publicly disclosed. The vendor was notified but did not respond.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.