Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jeesns jeesns vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2020-19291
A stored cross-site scripting (XSS) vulnerability in the /weibo/publishdata component of Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in a posted Weibo.
Jeesns Jeesns 1.4.2
312
VMScore
CVE-2020-19292
A stored cross-site scripting (XSS) vulnerability in the /question/ask component of Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in a posted question.
Jeesns Jeesns 1.4.2
312
VMScore
CVE-2020-19293
A stored cross-site scripting (XSS) vulnerability in the /article/add component of Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in a posted article.
Jeesns Jeesns 1.4.2
312
VMScore
CVE-2020-19294
A stored cross-site scripting (XSS) vulnerability in the /article/comment component of Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the article comments section.
Jeesns Jeesns 1.4.2
383
VMScore
CVE-2020-19295
A reflected cross-site scripting (XSS) vulnerability in the /weibo/topic component of Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML.
Jeesns Jeesns 1.4.2
312
VMScore
CVE-2018-17886
An issue exists in JEESNS 1.3. The XSS filter in com.lxinet.jeesns.core.utils.XssHttpServletRequestWrapper.java could be bypassed, as demonstrated by a <svg/onLoad=confirm substring. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-12429.
Jeesns Jeesns 1.3
312
VMScore
CVE-2020-19289
A stored cross-site scripting (XSS) vulnerability in the /member/picture/album component of Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the new album tab.
Jeesns Jeesns 1.4.2
NA
CVE-2022-38550
A stored cross-site scripting (XSS) vulnerability in the /weibo/list component of Jeesns v2.0.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload.
Jeesns Jeesns 2.0.0
312
VMScore
CVE-2018-19178
In JEESNS 1.3, com/lxinet/jeesns/core/utils/XssHttpServletRequestWrapper.java allows stored XSS via an HTML EMBED element, a different vulnerability than CVE-2018-17886.
Jeesns Jeesns 1.3
383
VMScore
CVE-2020-18035
Cross Site Scripting (XSS) in Jeesns v1.4.2 allows remote malicious users to execute arbitrary code by injecting commands into the "CKEditorFuncNum" parameter in the component "CkeditorUploadController.java".
Jeesns Jeesns 1.4.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »