6 matches found
CVE-2020-19284
A stored cross-site scripting XSS vulnerability in the /group/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the group comments text field...
CVE-2019-16665
An issue was discovered in ThinkSAAS 2.91. There is XSS via the content to the index.php?app=group∾=comment=do=1 URI, as demonstrated by a crafted SVG document in the SRC attribute of an EMBED element...
CVE-2020-19284
A stored cross-site scripting XSS vulnerability in the /group/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the group comments text field...
CVE-2020-19284
A stored cross-site scripting XSS vulnerability in the /group/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the group comments text field...
CVE-2020-19284
A stored cross-site scripting XSS vulnerability in the /group/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the group comments text field...
XSS Vulnerability at JEESNS Group Comments
JEESNS is an open source social management system developed on JAVA's enterprise-class platform. JEESNS group comments at the existence of XSS vulnerability , an attacker can be exploited to inject arbitrary Web script or HTML...