Browse all 4 CVE security advisories affecting ObjectPlanet. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Objectplanet develops network monitoring and testing tools, primarily serving IT infrastructure management. Historically, their products have faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from input validation flaws and insecure default configurations. While no major public security incidents have been widely documented, the four CVEs on record highlight recurring issues in authentication mechanisms and data handling. Their security posture appears typical for mid-sized software vendors, with vulnerabilities addressed through regular patch cycles but lacking proactive security-by-design approaches in earlier versions.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13873 | The feature to import a survey is prone to stored Cross-Site Script attacks — OpinioCWE-79 | 5.4AI | MediumAI | 2025-12-02 |
| CVE-2025-13872 | Blind Server-Side Request Forgery (SSRF) in the survey-import feature of ObjectPlanet Opinio — OpinioCWE-918 | 9.1AI | CriticalAI | 2025-12-02 |
| CVE-2025-13871 | The feature to manage resources is prone to Cross-Site Request Forgery attacks — OpinioCWE-352 | 8.8AI | HighAI | 2025-12-02 |
| CVE-2023-4472 | Cryptographically weak PRNG in Opinio 7.22 — OpinioCWE-335 | 9.8 | - | 2024-02-01 |
This page lists every published CVE security advisory associated with ObjectPlanet. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.