Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:27 p.m.7 views

CVE-2020-18035

Cross Site Scripting XSS in Jeesns v1.4.2 allows remote attackers to execute arbitrary code by injecting commands into the "CKEditorFuncNum" parameter in the component "CkeditorUploadController.java"...

6.1CVSS6.9AI score0.01033EPSS
Exploits0
NVD
NVD
added 2021/04/29 11:15 p.m.22 views

CVE-2020-18035

Cross Site Scripting XSS in Jeesns v1.4.2 allows remote attackers to execute arbitrary code by injecting commands into the "CKEditorFuncNum" parameter in the component "CkeditorUploadController.java"...

6.1CVSS0.01033EPSS
Exploits0References1
OSV
OSV
added 2021/04/29 11:15 p.m.17 views

CVE-2020-18035

Cross Site Scripting XSS in Jeesns v1.4.2 allows remote attackers to execute arbitrary code by injecting commands into the "CKEditorFuncNum" parameter in the component "CkeditorUploadController.java"...

6.1CVSS6.8AI score
Exploits0References1
Cvelist
Cvelist
added 2021/04/29 10:53 p.m.24 views

CVE-2020-18035

Cross Site Scripting XSS in Jeesns v1.4.2 allows remote attackers to execute arbitrary code by injecting commands into the "CKEditorFuncNum" parameter in the component "CkeditorUploadController.java"...

6.4AI score0.01033EPSS
Exploits0References1
CVE
CVE
added 2021/04/29 10:53 p.m.60 views

CVE-2020-18035

CVE-2020-18035 is a cross-site scripting vulnerability in Jeesns v1.4.2. The issue arises in the CKEditor integration, specifically through the CKEditorFuncNum parameter in the file/component CkeditorUploadController.java, allowing remote attackers to craft inputs that execute arbitrary code in t...

6.1CVSS6.3AI score0.01033EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder