Home

Description

O2OA v9.0.3 was discovered to contain a remote code execution (RCE) vulnerability via the mainOutput() function.

PUBLISHED Reserved 2024-06-10 | Published 2025-08-27 | Updated 2025-08-27 | Assigner mitre

References

github.com/o2oa/o2oa/issues/158

cve.org (CVE-2024-37777)

nvd.nist.gov (CVE-2024-37777)

Download JSON