2 matches found
CVE-2020-19293
A stored cross-site scripting XSS vulnerability in the /article/add component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted article...
CVE-2020-19293
CVE-2020-19293 describes a stored XSS in Jeesns 1.4.2’s /article/add, allowing a crafted payload in a posted article to execute script/HTML. The vulnerability is documented across multiple sources (NVD entry and industry disclosures) with the same impact: execution of arbitrary web scripts via us...