Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jeesns vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-12429
JEESNS up to and including 1.2.1 allows XSS attacks by ordinary users who publish articles containing a crafted payload in order to capture an administrator cookie.
Jeesns Jeesns
5.4
CVSSv3
CVE-2020-19281
A stored cross-site scripting (XSS) vulnerability in the /manage/loginusername component of Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the username field.
Jeesns Jeesns 1.4.2
6.1
CVSSv3
CVE-2020-19283
A reflected cross-site scripting (XSS) vulnerability in the /newVersion component of Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML.
Jeesns Jeesns 1.4.2
5.4
CVSSv3
CVE-2020-19290
A stored cross-site scripting (XSS) vulnerability in the /weibo/comment component of Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the Weibo comment section.
Jeesns Jeesns 1.4.2
5.4
CVSSv3
CVE-2020-19292
A stored cross-site scripting (XSS) vulnerability in the /question/ask component of Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in a posted question.
Jeesns Jeesns 1.4.2
5.4
CVSSv3
CVE-2022-38550
A stored cross-site scripting (XSS) vulnerability in the /weibo/list component of Jeesns v2.0.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload.
Jeesns Jeesns 2.0.0
5.4
CVSSv3
CVE-2018-19178
In JEESNS 1.3, com/lxinet/jeesns/core/utils/XssHttpServletRequestWrapper.java allows stored XSS via an HTML EMBED element, a different vulnerability than CVE-2018-17886.
Jeesns Jeesns 1.3
6.1
CVSSv3
CVE-2020-19282
A reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field.
Jeesns Jeesns 1.4.2
5.4
CVSSv3
CVE-2020-19284
A stored cross-site scripting (XSS) vulnerability in the /group/comment component of Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the group comments text field.
Jeesns Jeesns 1.4.2
5.4
CVSSv3
CVE-2020-19286
A stored cross-site scripting (XSS) vulnerability in the /question/detail component of Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the source field of the editor.
Jeesns Jeesns 1.4.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »