Browse all 4 CVE security advisories affecting YiJiuSmile. AI-powered Chinese analysis, POCs, and references for each vulnerability.
YiJiuSmile operates as a customer service platform designed to enhance business-customer interactions through integrated communication tools. Historically, the platform has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its four recorded CVEs. These vulnerabilities often stem from insufficient input validation and improper access controls in its web interface and API endpoints. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests potential risks for organizations relying on the platform for sensitive customer data handling and communication services.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-7628 | YiJiuSmile kkFileViewOfficeEdit deleteFile path traversal — kkFileViewOfficeEditCWE-22 | 5.4 | Medium | 2025-07-14 |
| CVE-2025-7627 | YiJiuSmile kkFileViewOfficeEdit fileUpload unrestricted upload — kkFileViewOfficeEditCWE-434 | 6.3 | Medium | 2025-07-14 |
| CVE-2025-7626 | YiJiuSmile kkFileViewOfficeEdit onlinePreview path traversal — kkFileViewOfficeEditCWE-22 | 4.3 | Medium | 2025-07-14 |
| CVE-2025-7625 | YiJiuSmile kkFileViewOfficeEdit download path traversal — kkFileViewOfficeEditCWE-22 | 4.3 | Medium | 2025-07-14 |
This page lists every published CVE security advisory associated with YiJiuSmile. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.