CVE-2025-63738 | THREATINT

Description

An issue was discovered in file index.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers to gain sensitive information via phpinfo via the a parameter to the index.php.

PUBLISHED Reserved 2025-10-27 | Published 2025-12-09 | Updated 2025-12-10 | Assigner mitre

References

github.com/rainrocka/xinhu/issues/11

cve.org (CVE-2025-63738)

nvd.nist.gov (CVE-2025-63738)

Download JSON