CVE-2024-8112
CVE-2024-8112 affects thinkgem JeeSite 5.3, with the Cookie Handler’s /js/a/login endpoint vulnerable to cross-site scripting. The issue stems from unsafely handling the skinName parameter, enabling remote exploitation. Multiple connected sources corroborate the affected component and payload vec...