Browse all 5 CVE security advisories affecting 20120630. AI-powered Chinese analysis, POCs, and references for each vulnerability.
20120630 is a widely deployed enterprise application primarily used for customer relationship management and business process automation. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, with five CVEs currently documented. The application's complex architecture and extensive integration capabilities have contributed to its attack surface. While no major public security incidents have been specifically attributed to this identifier, its prevalence in enterprise environments makes it a persistent target for exploitation. Regular patching and secure configuration remain critical for organizations utilizing this software to mitigate identified risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-4019 | 20120630 Novel-Plus GeneratorController.java genCode missing authentication — Novel-PlusCWE-306 | 7.3 | High | 2025-04-28 |
| CVE-2025-4018 | 20120630 Novel-Plus CrawlController.java addCrawlSource missing authentication — Novel-PlusCWE-306 | 5.3 | Medium | 2025-04-28 |
| CVE-2025-4017 | 20120630 Novel-Plus LogController.java list improper authorization — Novel-PlusCWE-285 | 4.3 | Medium | 2025-04-28 |
| CVE-2025-4016 | 20120630 Novel-Plus LogController.java deleteIndex improper authorization — Novel-PlusCWE-285 | 5.4 | Medium | 2025-04-28 |
| CVE-2025-4015 | 20120630 Novel-Plus SessionController.java list missing authentication — Novel-PlusCWE-306 | 5.3 | Medium | 2025-04-28 |
This page lists every published CVE security advisory associated with 20120630. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.