Lucene search
+L

192 matches found

OSV
OSV
added 2025/07/20 2:14 a.m.5 views

CVE-2025-7863 thinkgem JeeSite ServletUtils.java redirectUrl

A vulnerability was found in thinkgem JeeSite up to 5.12.0 and classified as problematic. Affected by this issue is the function redirectUrl of the file src/main/java/com/jeesite/common/web/http/ServletUtils.java. The manipulation of the argument url leads to open redirect. The attack may be...

5.1CVSS4.9AI score0.00348EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2025/07/20 12:0 a.m.7 views

PT-2025-30166

Name of the Vulnerable Software and Affected Versions thinkgem JeeSite versions up to 5.12.0 Description A critical issue exists in thinkgem JeeSite that allows for unrestricted file uploads. The Upload function within the file src/main/java/com/jeesite/modules/file/web/FileUploadController.java ...

6.5CVSS6.2AI score0.00303EPSS
Exploits1References15
CNNVD
CNNVD
added 2025/07/20 12:0 a.m.8 views

Thinkgem JeeSite 输入验证错误漏洞

Thinkgem JeeSite is an open source Java EE enterprise-class rapid development platform of China Zhuo Yuan Thinkgem company . The platform includes system permissions components , data permissions components , data dictionary components , core tools components , view manipulation components ,...

5.1CVSS4.7AI score0.00348EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/07/20 12:0 a.m.4 views

PT-2025-30165

Name of the Vulnerable Software and Affected Versions thinkgem JeeSite versions up to 5.12.0 Description An open redirect issue exists in the redirectUrl function located in the file src/main/java/com/jeesite/common/web/http/ServletUtils.java. The manipulation of the url argument can lead to an...

5.1CVSS4.4AI score0.00348EPSS
Exploits1References15
CNNVD
CNNVD
added 2025/07/20 12:0 a.m.6 views

Thinkgem JeeSite 代码注入漏洞

Thinkgem JeeSite is an open source Java EE enterprise-class rapid development platform for China Zhuo Yuan Thinkgem company . The platform includes system permissions components , data permissions components , data dictionary components , core tools components , view manipulation components ,...

5.4CVSS4.5AI score0.00304EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/07/20 12:0 a.m.13 views

PT-2025-30167

Name of the Vulnerable Software and Affected Versions thinkgem JeeSite versions up to 5.12.0 Description A vulnerability exists in thinkgem JeeSite up to version 5.12.0 related to cross-site scripting. The issue resides in the xssFilter function within the...

5.4CVSS3.8AI score0.00304EPSS
Exploits1References15
CNNVD
CNNVD
added 2025/07/20 12:0 a.m.7 views

Thinkgem JeeSite 代码问题漏洞

Thinkgem JeeSite is an open source Java EE enterprise-class rapid development platform of China Joyuan Thinkgem company . The platform includes system permissions components , data permissions components , data dictionary components , core tools components , view manipulation components , workflo...

6.5CVSS6.2AI score0.00303EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/07/19 11:5 p.m.9 views

CVE-2025-7763

A vulnerability, which was classified as problematic, was found in thinkgem JeeSite up to 5.12.0. Affected is the function select of the file src/main/java/com/jeesite/modules/cms/web/SiteController.java of the component Site Controller. The manipulation of the argument redirect leads to open...

5.3CVSS4.6AI score0.00397EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/07/19 10:11 p.m.13 views

CVE-2025-7759

A vulnerability was identified in thinkgem JeeSite up to 5.12.0. This vulnerability affects unknown code of the file modules/core/src/main/java/com/jeesite/common/ueditor/ActionEnter.java of the component UEditor Image Grabber. Such manipulation of the argument Source leads to server-side request...

8.8CVSS6.3AI score0.00309EPSS
Exploits1References1
NVD
NVD
added 2025/07/18 12:15 p.m.19 views

CVE-2025-7785

A vulnerability classified as problematic was found in thinkgem JeeSite up to 5.12.0. This vulnerability affects the function sso of the file src/main/java/com/jeesite/modules/sys/web/SsoController.java. The manipulation of the argument redirect leads to open redirect. The attack can be initiated...

5.3CVSS0.00403EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2025/07/18 11:44 a.m.5 views

CVE-2025-7785 thinkgem JeeSite SsoController.java sso redirect

A vulnerability classified as problematic was found in thinkgem JeeSite up to 5.12.0. This vulnerability affects the function sso of the file src/main/java/com/jeesite/modules/sys/web/SsoController.java. The manipulation of the argument redirect leads to open redirect. The attack can be initiated...

5.3CVSS7.1AI score0.00403EPSS
Exploits1References7
Cvelist
Cvelist
added 2025/07/18 11:44 a.m.22 views

CVE-2025-7785 thinkgem JeeSite SsoController.java sso redirect

A vulnerability classified as problematic was found in thinkgem JeeSite up to 5.12.0. This vulnerability affects the function sso of the file src/main/java/com/jeesite/modules/sys/web/SsoController.java. The manipulation of the argument redirect leads to open redirect. The attack can be initiated...

5.3CVSS0.00403EPSS
Exploits1References7
CVE
CVE
added 2025/07/18 11:44 a.m.25 views

CVE-2025-7785

CVE-2025-7785 affects thinkgem JeeSite up to version 5.12.0. The vulnerability lies in the sso function of SsoController.java, where manipulation of the redirect parameter enables an open redirect. The issue is remotely exploitable and has been publicly disclosed. A patch is available (commit: 3d...

5.3CVSS4.7AI score0.00403EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2025/07/18 11:44 a.m.10 views

CVE-2025-7785 thinkgem JeeSite SsoController.java sso redirect

A vulnerability classified as problematic was found in thinkgem JeeSite up to 5.12.0. This vulnerability affects the function sso of the file src/main/java/com/jeesite/modules/sys/web/SsoController.java. The manipulation of the argument redirect leads to open redirect. The attack can be initiated...

5.3CVSS4.8AI score0.00403EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/07/18 12:0 a.m.10 views

PT-2025-30029

Name of the Vulnerable Software and Affected Versions thinkgem JeeSite versions up to 5.12.0 Description A problematic issue exists in the sso function within the file src/main/java/com/jeesite/modules/sys/web/SsoController.java. Manipulation of the redirect argument can lead to an open redirect...

5.3CVSS4.3AI score0.00403EPSS
Exploits1References14
CNNVD
CNNVD
added 2025/07/18 12:0 a.m.8 views

Thinkgem JeeSite 安全漏洞

Thinkgem JeeSite is an open source Java EE enterprise-class rapid development platform of China Zhuo Yuan Thinkgem company . The platform includes system permissions components , data permissions components , data dictionary components , core tools components , view manipulation components ,...

5.3CVSS4.9AI score0.00403EPSS
Exploits1References8
NVD
NVD
added 2025/07/17 11:15 p.m.7 views

CVE-2025-7763

A vulnerability, which was classified as problematic, was found in thinkgem JeeSite up to 5.12.0. Affected is the function select of the file src/main/java/com/jeesite/modules/cms/web/SiteController.java of the component Site Controller. The manipulation of the argument redirect leads to open...

5.3CVSS0.00397EPSS
Exploits1References6
NVD
NVD
added 2025/07/17 10:15 p.m.12 views

CVE-2025-7759

A vulnerability was identified in thinkgem JeeSite up to 5.12.0. This vulnerability affects unknown code of the file modules/core/src/main/java/com/jeesite/common/ueditor/ActionEnter.java of the component UEditor Image Grabber. Such manipulation of the argument Source leads to server-side request...

8.8CVSS0.00309EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/07/17 10:14 p.m.6 views

CVE-2025-7763 thinkgem JeeSite Site Controller/SSO redirect

A vulnerability, which was classified as problematic, was found in thinkgem JeeSite up to 5.12.0. Affected is an unknown function of the component Site Controller/SSO. The manipulation leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed to the publ...

5.3CVSS4.7AI score0.00397EPSS
Exploits1References8
Cvelist
Cvelist
added 2025/07/17 10:14 p.m.14 views

CVE-2025-7763 thinkgem JeeSite Site Controller SiteController.java select redirect

A vulnerability, which was classified as problematic, was found in thinkgem JeeSite up to 5.12.0. Affected is the function select of the file src/main/java/com/jeesite/modules/cms/web/SiteController.java of the component Site Controller. The manipulation of the argument redirect leads to open...

5.3CVSS0.00397EPSS
Exploits1References6
Rows per page
Query Builder