Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jeesns jeesns 1.4.2 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-18035
Cross Site Scripting (XSS) in Jeesns v1.4.2 allows remote malicious users to execute arbitrary code by injecting commands into the "CKEditorFuncNum" parameter in the component "CkeditorUploadController.java".
Jeesns Jeesns 1.4.2
6.8
CVSSv2
CVE-2020-19280
Jeesns 1.4.2 contains a cross-site request forgery (CSRF) which allows malicious users to escalate privileges and perform sensitive program operations.
Jeesns Jeesns 1.4.2
3.5
CVSSv2
CVE-2020-19281
A stored cross-site scripting (XSS) vulnerability in the /manage/loginusername component of Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the username field.
Jeesns Jeesns 1.4.2
4.3
CVSSv2
CVE-2020-19282
A reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field.
Jeesns Jeesns 1.4.2
4.3
CVSSv2
CVE-2020-19283
A reflected cross-site scripting (XSS) vulnerability in the /newVersion component of Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML.
Jeesns Jeesns 1.4.2
3.5
CVSSv2
CVE-2020-19284
A stored cross-site scripting (XSS) vulnerability in the /group/comment component of Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the group comments text field.
Jeesns Jeesns 1.4.2
3.5
CVSSv2
CVE-2020-19285
A stored cross-site scripting (XSS) vulnerability in the /group/apply component of Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the Name text field.
Jeesns Jeesns 1.4.2
3.5
CVSSv2
CVE-2020-19286
A stored cross-site scripting (XSS) vulnerability in the /question/detail component of Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the source field of the editor.
Jeesns Jeesns 1.4.2
3.5
CVSSv2
CVE-2020-19287
A stored cross-site scripting (XSS) vulnerability in the /group/post component of Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the title.
Jeesns Jeesns 1.4.2
3.5
CVSSv2
CVE-2020-19288
A stored cross-site scripting (XSS) vulnerability in the /localhost/u component of Jeesns 1.4.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in a private message.
Jeesns Jeesns 1.4.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »