CVE-2025-11341

Name of the Vulnerable Software and Affected Versions Jinher OA versions prior to 2.0

Description A security flaw exists in Jinher OA. The issue involves xml external entity reference within an unknown function of the file /c6/Jhsoft.Web.module/eformaspx/WebDesign.aspx/?type=SystemUserInfo&style=1. Remote exploitation is possible. The exploit has been publicly released.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.