Home

Description

WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface.

PUBLISHED Reserved 2025-09-26 | Published 2025-10-08 | Updated 2025-10-08 | Assigner mitre

References

github.com/...geYourWay/post/blob/main/WukongCRM-9.0-JAVA.md

gist.github.com/...eYourWay/424478421d6a78d1f87d324cddcbfd59

cve.org (CVE-2025-60828)

nvd.nist.gov (CVE-2025-60828)

Download JSON