Jeesns Security Vulnerabilities and Issues — Jeesns CVE List

Lucene search

JeesnsJeesns

3 matches found

CVE•added 2018/10/02 6:29 p.m.•41 views

CVE-2018-17886

An issue was discovered in JEESNS 1.3. The XSS filter in com.lxinet.jeesns.core.utils.XssHttpServletRequestWrapper.java could be bypassed, as demonstrated by a

5.4CVSS5.2AI score0.00206EPSS

CVE•added 2018/07/18 4:29 p.m.•32 views

CVE-2018-12429

JEESNS through 1.2.1 allows XSS attacks by ordinary users who publish articles containing a crafted payload in order to capture an administrator cookie.

5.4CVSS5.1AI score0.00206EPSS

CVE•added 2018/11/11 4:29 p.m.•32 views

CVE-2018-19178

In JEESNS 1.3, com/lxinet/jeesns/core/utils/XssHttpServletRequestWrapper.java allows stored XSS via an HTML EMBED element, a different vulnerability than CVE-2018-17886.

5.4CVSS5.1AI score0.00281EPSS