| Description: | | Weaver E-cology is a high-end collaborative office system designed for large enterprises and groups. It provides comprehensive functions such as process management, knowledge management, and project management. It supports multiple organizations, departments, and users, helping enterprises achieve efficient collaboration and digital transformation. There is an XXE vulnerability in the deleteUserRequestInfoByXml interface of Weaver E-cology. Attackers can exploit this vulnerability by using a malicious XML document to load external entities, thereby stealing server files, executing commands, or launching man-in-the-middle attacks, which seriously threaten the security of the system. |