64 matches found
Thinkgem JeeSite 安全漏洞
Thinkgem JeeSite is an open source Java EE enterprise-class rapid development platform of China Zhuo Yuan Thinkgem company . The platform includes system permissions components , data permissions components , data dictionary components , core tools components , view manipulation components ,...
CVE-2025-7763
A vulnerability, which was classified as problematic, was found in thinkgem JeeSite up to 5.12.0. Affected is the function select of the file src/main/java/com/jeesite/modules/cms/web/SiteController.java of the component Site Controller. The manipulation of the argument redirect leads to open...
CVE-2025-7759
A vulnerability was identified in thinkgem JeeSite up to 5.12.0. This vulnerability affects unknown code of the file modules/core/src/main/java/com/jeesite/common/ueditor/ActionEnter.java of the component UEditor Image Grabber. Such manipulation of the argument Source leads to server-side request...
CVE-2025-7763 thinkgem JeeSite Site Controller/SSO redirect
A vulnerability, which was classified as problematic, was found in thinkgem JeeSite up to 5.12.0. Affected is an unknown function of the component Site Controller/SSO. The manipulation leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed to the publ...
CVE-2025-7763
CVE-2025-7763 affects thinkgem JeeSite up to version 5.12.0. The vulnerability lies in the Site Controller’s SiteController.java, where manipulation of the redirect argument in the select function causes an open redirect. Exploitation can be performed remotely, and public disclosure of the exploi...
CVE-2025-7763 thinkgem JeeSite Site Controller SiteController.java select redirect
A vulnerability, which was classified as problematic, was found in thinkgem JeeSite up to 5.12.0. Affected is the function select of the file src/main/java/com/jeesite/modules/cms/web/SiteController.java of the component Site Controller. The manipulation of the argument redirect leads to open...
CVE-2025-7759 thinkgem JeeSite UEditor Image Grabber ActionEnter.java server-side request forgery
A vulnerability was identified in thinkgem JeeSite up to 5.12.0. This vulnerability affects unknown code of the file modules/core/src/main/java/com/jeesite/common/ueditor/ActionEnter.java of the component UEditor Image Grabber. Such manipulation of the argument Source leads to server-side request...
CVE-2025-7759 thinkgem JeeSite UEditor Image Grabber ActionEnter.java server-side request forgery
A vulnerability was identified in thinkgem JeeSite up to 5.12.0. This vulnerability affects unknown code of the file modules/core/src/main/java/com/jeesite/common/ueditor/ActionEnter.java of the component UEditor Image Grabber. Such manipulation of the argument Source leads to server-side request...
PT-2025-29981
Name of the Vulnerable Software and Affected Versions thinkgem JeeSite versions up to 5.12.0 Description A problematic vulnerability exists in thinkgem JeeSite. The select function within the src/main/java/com/jeesite/modules/cms/web/SiteController.java file of the Site Controller component is...
Thinkgem JeeSite 输入验证错误漏洞
Thinkgem JeeSite is an open source Java EE enterprise-class rapid development platform of China Zhuo Yuan Thinkgem company . The platform includes system permissions components , data permissions components , data dictionary components , core tools components , view manipulation components ,...
Thinkgem JeeSite 代码问题漏洞
Thinkgem JeeSite is an open source Java EE enterprise-class rapid development platform of China Joyuan Thinkgem company . The platform includes system permissions components , data permissions components , data dictionary components , core tools components , view manipulation components , workflo...
PT-2025-29978
Name of the Vulnerable Software and Affected Versions thinkgem JeeSite versions up to 5.12.0 Description A critical vulnerability exists in thinkgem JeeSite. The issue is located in an unknown part of the file modules/core/src/main/java/com/jeesite/common/ueditor/ActionEnter.java within the UEdit...
CVE-2025-5186
A vulnerability was found in thinkgem JeeSite up to 5.11.1. It has been rated as critical. Affected by this issue is the function ResourceLoader.getResource of the file /cms/fileTemplate/form of the component URI Scheme Handler. The manipulation of the argument Name leads to server-side request...
CVE-2025-5186
A vulnerability was found in thinkgem JeeSite up to 5.11.1. It has been rated as critical. Affected by this issue is the function ResourceLoader.getResource of the file /cms/fileTemplate/form of the component URI Scheme Handler. The manipulation of the argument Name leads to server-side request...
CVE-2025-5186 thinkgem JeeSite URI Scheme form ResourceLoader.getResource server-side request forgery
A vulnerability was found in thinkgem JeeSite up to 5.11.1. It has been rated as critical. Affected by this issue is the function ResourceLoader.getResource of the file /cms/fileTemplate/form of the component URI Scheme Handler. The manipulation of the argument Name leads to server-side request...
CVE-2025-5186 thinkgem JeeSite URI Scheme form ResourceLoader.getResource server-side request forgery
A vulnerability was found in thinkgem JeeSite up to 5.11.1. It has been rated as critical. Affected by this issue is the function ResourceLoader.getResource of the file /cms/fileTemplate/form of the component URI Scheme Handler. The manipulation of the argument Name leads to server-side request...
CVE-2025-5186
CVE-2025-5186 affects thinkgem JeeSite up to 5.11.1. The vulnerability concerns ResourceLoader.getResource in the URI Scheme Handler, specifically the /cms/fileTemplate/form component, where manipulating the Name parameter leads to server-side request forgery (SSRF). The issue can be exploited re...
Thinkgem JeeSite 代码问题漏洞
Thinkgem JeeSite is an open source Java EE enterprise-class rapid development platform of China Joyuan Thinkgem company . The platform includes system permissions components , data permissions components , data dictionary components , core tools components , view manipulation components , workflo...
PT-2025-22928 · Thinkgem · Thinkgem Jeesite
Name of the Vulnerable Software and Affected Versions: thinkgem JeeSite versions up to 5.11.1 Description: A critical issue affects the function ResourceLoader.getResource of the file /cms/fileTemplate/form in the component URI Scheme Handler. The manipulation of the argument Name leads to...
CVE-2024-8112
A vulnerability was found in thinkgem JeeSite 5.3. It has been rated as problematic. This issue affects some unknown processing of the file /js/a/login of the component Cookie Handler. The manipulation of the argument skinName leads to cross site scripting. The attack may be initiated remotely. T...