4 matches found
CVE-2026-36761
A stored cross-site scripting XSS vulnerability in the /msg/msgInner/save endpoint of JeeSite v5.15.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted input into the msgContent parameter...
JeeSite 跨站脚本漏洞
JeeSite is a Java rapid development platform open-sourced by Zhuo Yuan thinkgem in Jinan, China. Version JeeSite 5.15.1 contains a cross-site scripting vulnerability. This vulnerability stems from a storage-type cross-site scripting present in the /msg/msgInner/save endpoint, which may allow...
CVE-2026-36761
The CVE-2026-36761 entry documents a stored XSS vulnerability in JeeSite v5.15.1. The flaw resides in the /msg/msgInner/save endpoint, where crafted input in the msgContent parameter can lead to execution of arbitrary web scripts/HTML. The vulnerability is described with a CVSS v3.1 base score of...
CVE-2026-36761
A stored cross-site scripting XSS vulnerability in the /msg/msgInner/save endpoint of JeeSite v5.15.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted input into the msgContent parameter...