Yohane-Mashiro/dzzoffice_upload

Releases0

Stars2

dzzoffice 文件上传导致xss

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-63695 ↗	Nov 18, 2025Tuesday, 18 November 2025, 18:16	9.8 CRITICAL	—
DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php/controller.php.