CVE-2022-22916
O2OA v6.4.7 was discovered to contain a remote code execution (RCE) vulnerability via /x_program_center/jaxrs/invoke.
CVSS
9.8
Critical
EPSS
38.4%
p98
KEV
—
Exploit Today
30
0-100
Published: Feb 17, 2022 · Last modified: Jul 9, 2026
38.4%EPSS · 30 days39.9%
2026-06-302026-07-16
O2OA v6.4.7 was discovered to contain a remote code execution (RCE) vulnerability via /x_program_center/jaxrs/invoke.
No related CVEs by CWE or product.