CVE-2025-6829 – AluoXiang Oa System External Address Book Handler SQL Injection Vulnerability

CVE ID : CVE-2025-6829

Published : June 28, 2025, 11:15 p.m. | 2 hours, 43 minutes ago

Description : A vulnerability was found in aaluoxiang oa_system up to c3a08168c144f27256a90838492c713f55f1b207 and classified as critical. This issue affects the function outAddress of the component External Address Book Handler. The manipulation leads to sql injection. The attack may be initiated remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…