Vulnerabilities > Jeesns

DATE CVE VULNERABILITY TITLE RISK
2021-09-09 CVE-2020-19280 Cross-Site Request Forgery (CSRF) vulnerability in Jeesns 1.4.2
Jeesns 1.4.2 contains a cross-site request forgery (CSRF) which allows attackers to escalate privileges and perform sensitive program operations.
network
jeesns CWE-352
6.8
2021-09-09 CVE-2020-19281 Cross-site Scripting vulnerability in Jeesns 1.4.2
A stored cross-site scripting (XSS) vulnerability in the /manage/loginusername component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the username field.
network
jeesns CWE-79
3.5
2021-09-09 CVE-2020-19282 Cross-site Scripting vulnerability in Jeesns 1.4.2
A reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field.
network
jeesns CWE-79
4.3
2021-09-09 CVE-2020-19283 Cross-site Scripting vulnerability in Jeesns 1.4.2
A reflected cross-site scripting (XSS) vulnerability in the /newVersion component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML.
network
jeesns CWE-79
4.3
2021-09-09 CVE-2020-19284 Cross-site Scripting vulnerability in Jeesns 1.4.2
A stored cross-site scripting (XSS) vulnerability in the /group/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the group comments text field.
network
jeesns CWE-79
3.5
2021-09-09 CVE-2020-19285 Cross-site Scripting vulnerability in Jeesns 1.4.2
A stored cross-site scripting (XSS) vulnerability in the /group/apply component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Name text field.
network
jeesns CWE-79
3.5
2021-09-09 CVE-2020-19286 Cross-site Scripting vulnerability in Jeesns 1.4.2
A stored cross-site scripting (XSS) vulnerability in the /question/detail component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the source field of the editor.
network
jeesns CWE-79
3.5
2021-09-09 CVE-2020-19287 Cross-site Scripting vulnerability in Jeesns 1.4.2
A stored cross-site scripting (XSS) vulnerability in the /group/post component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the title.
network
jeesns CWE-79
3.5
2021-09-09 CVE-2020-19288 Cross-site Scripting vulnerability in Jeesns 1.4.2
A stored cross-site scripting (XSS) vulnerability in the /localhost/u component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a private message.
network
jeesns CWE-79
3.5
2021-09-09 CVE-2020-19289 Cross-site Scripting vulnerability in Jeesns 1.4.2
A stored cross-site scripting (XSS) vulnerability in the /member/picture/album component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the new album tab.
network
jeesns CWE-79
3.5