CVE-2025-22927

Published: 2025-04-03T13:15Z

Last Modified: 2025-04-03T13:15Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An issue in OS4ED openSIS v8.0 through v9.1 allows attackers to execute a directory traversal by sending a crafted POST request to /Modules.php?modname=messaging/Inbox.php&modfunc=save&filename. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt