CVE-2025-6761

MEDIUM EPSS 28.4%

Published Jun 27, 20251y ago · Modified Jun 17, 20261w ago

5.5 CVSS 4.0

Medium

Published Jun 27, 2025 1y ago

Last Modified Jun 17, 2026 1w ago

Description

A vulnerability was found in Kingdee Cloud-Starry-Sky Enterprise Edition 6.x/7.x/8.x/9.0. It has been rated as critical. Affected by this issue is the function plugin.buildMobilePopHtml of the file \k3\o2o\bos\webapp\action\DynamicForm 4 Action.class of the component Freemarker Engine. The manipulation leads to improper neutralization of special elements used in a template engine. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The vendor explains, that in the fixed release "Freemarker is set to 'ALLOWS_NOTHING_RESOLVER' to not parse any classes."

CVSS Details

Base Score

5.5

Exploitability

—

Impact

—

Vector string

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction None

Scope X

Threat Intelligence

EPSS Exploit Probability

28.4% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 2

CWE-1336

CWE-791

References 5

vip.kingdee.com https://vip.kingdee.com/link/s/ZlWX7
vip.kingdee.com https://vip.kingdee.com/school/detail/713028702245944320
vuldb.com https://vuldb.com/?ctiid.314072
vuldb.com https://vuldb.com/?id.314072
vuldb.com https://vuldb.com/?submit.601207

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.