Browse all 7 CVE security advisories affecting Xinhu. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Xinhu operates primarily in enterprise resource planning and government information systems, serving as a critical infrastructure component. Historically, its vulnerabilities have frequently included remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and access controls. The platform's widespread deployment in sensitive sectors has made it a target for exploitation, with several high-severity vulnerabilities enabling unauthorized system access. While no major public breaches have been definitively attributed to Xinhu vulnerabilities, its CVE history indicates persistent security challenges, particularly in web application components and authentication mechanisms that continue to pose risks to deployed environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-0588 | Xinhu Rainrock RockOA API rockfun.php cross site scripting — Rainrock RockOACWE-79 | 3.5 | Low | 2026-01-05 |
| CVE-2026-0587 | Xinhu Rainrock RockOA Cover Image rock_page_gong.php cross site scripting — Rainrock RockOACWE-79 | 3.5 | Low | 2026-01-05 |
| CVE-2025-9602 | Xinhu RockOA index.php publicsaveAjax improper authorization — RockOACWE-285 | 6.3 | Medium | 2025-08-29 |
| CVE-2024-7327 | Xinhu RockOA openmodhetongAction.php dataAction sql injection — RockOACWE-89 | 6.3 | Medium | 2024-07-31 |
| CVE-2024-6939 | Xinhu RockOA tpl_upload.html okla cross site scripting — RockOACWE-79 | 3.5 | Low | 2024-07-21 |
| CVE-2023-5297 | Xinhu RockOA start backup — RockOACWE-530 | 3.7 | Low | 2023-09-29 |
| CVE-2023-5296 | Xinhu RockOA Password password recovery — RockOACWE-640 | 4.3 | Medium | 2023-09-29 |
This page lists every published CVE security advisory associated with Xinhu. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.