CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A stored cross-site scripting XSS vulnerability in the /article/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the article comments section...

5.4CVSS5.5AI score0.00191EPSS

Exploits1

RedhatCVE•added 2025/05/22 5:4 p.m.•4 views

CVE-2020-19290

A stored cross-site scripting XSS vulnerability in the /weibo/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Weibo comment section...

5.4CVSS5.5AI score0.00191EPSS

Exploits1

RedhatCVE•added 2025/05/22 5:4 p.m.•4 views

CVE-2020-19286

A stored cross-site scripting XSS vulnerability in the /question/detail component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the source field of the editor...

5.4CVSS5.5AI score0.00191EPSS

Exploits1

RedhatCVE•added 2025/05/22 5:4 p.m.•4 views

CVE-2020-19291

A stored cross-site scripting XSS vulnerability in the /weibo/publishdata component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted Weibo...

5.4CVSS5.5AI score0.00151EPSS

Exploits1

RedhatCVE•added 2025/05/22 5:4 p.m.•6 views

CVE-2020-19284

A stored cross-site scripting XSS vulnerability in the /group/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the group comments text field...

5.4CVSS5.5AI score0.00191EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:28 p.m.•3 views

CVE-2020-19293

A stored cross-site scripting XSS vulnerability in the /article/add component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted article...

5.4CVSS5.5AI score0.00191EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:28 p.m.•4 views

CVE-2020-19295

A reflected cross-site scripting XSS vulnerability in the /weibo/topic component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML...

6.1CVSS5.9AI score0.08789EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:28 p.m.•4 views

CVE-2020-19288

A stored cross-site scripting XSS vulnerability in the /localhost/u component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a private message...

5.4CVSS5.5AI score0.00191EPSS

Exploits1

Vulnrichment•added 2022/09/19 10:51 p.m.•4 views

CVE-2022-38550

A stored cross-site scripting XSS vulnerability in the /weibo/list component of Jeesns v2.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.6AI score0.00209EPSS

Exploits1References1

CNNVD•added 2021/09/09 12:0 a.m.•2 views

Jeesns 跨站脚本漏洞

JEESNS is a social management system developed on JAVA's enterprise-level platform. A stored cross-site scripting vulnerability exists in the /member/picture/album component in JEESNS version 1.4.2. The vulnerability can be exploited to execute arbitrary web script or HTML via a specially crafted...

5.4CVSS5.5AI score0.00264EPSS

Exploits1References3

CNVD•added 2020/06/01 12:0 a.m.•1 views

XSS vulnerability exists in jeesns (CNVD-2020-33191)

JEESNS is an open source social management system developed on the JAVA enterprise level platform. JEESNS XSS vulnerability , attackers can use the vulnerability to obtain user COOKIE information...

6.2AI score

Exploits0

Cvelist•added 2018/07/18 4:0 p.m.•14 views

CVE-2018-12429

JEESNS through 1.2.1 allows XSS attacks by ordinary users who publish articles containing a crafted payload in order to capture an administrator cookie...

5.1AI score0.00206EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by