2075463979

**Name of the Vulnerable Software and Affected Versions** Jiusi OA versions prior to 20251103 **Description** A security issue has been identified in Jiusi OA. The issue involves unrestricted upload capabilities through manipulation of the `FileData` argument within an unknown function of the `/OfficeServer?isAjaxDownloadTemplate=false` API endpoint of the OfficeServer Interface component. This allows for remote exploitation. The exploit has been publicly disclosed. **Recommendations** Update Jiusi OA to a version later than 20251102.