Vulnerabilities > Jeesns > Jeesns

DATE CVE VULNERABILITY TITLE RISK
2021-09-09 CVE-2020-19295 Cross-site Scripting vulnerability in Jeesns 1.4.2
A reflected cross-site scripting (XSS) vulnerability in the /weibo/topic component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML.
network
jeesns CWE-79
4.3
2021-09-09 CVE-2020-19294 Cross-site Scripting vulnerability in Jeesns 1.4.2
A stored cross-site scripting (XSS) vulnerability in the /article/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the article comments section.
network
jeesns CWE-79
3.5
2021-09-09 CVE-2020-19293 Cross-site Scripting vulnerability in Jeesns 1.4.2
A stored cross-site scripting (XSS) vulnerability in the /article/add component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted article.
network
jeesns CWE-79
3.5
2021-09-09 CVE-2020-19292 Cross-site Scripting vulnerability in Jeesns 1.4.2
A stored cross-site scripting (XSS) vulnerability in the /question/ask component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted question.
network
jeesns CWE-79
3.5
2021-09-09 CVE-2020-19291 Cross-site Scripting vulnerability in Jeesns 1.4.2
A stored cross-site scripting (XSS) vulnerability in the /weibo/publishdata component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted Weibo.
network
jeesns CWE-79
3.5
2021-09-09 CVE-2020-19290 Cross-site Scripting vulnerability in Jeesns 1.4.2
A stored cross-site scripting (XSS) vulnerability in the /weibo/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Weibo comment section.
network
jeesns CWE-79
3.5
2021-09-09 CVE-2020-19289 Cross-site Scripting vulnerability in Jeesns 1.4.2
A stored cross-site scripting (XSS) vulnerability in the /member/picture/album component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the new album tab.
network
jeesns CWE-79
3.5
2021-09-09 CVE-2020-19288 Cross-site Scripting vulnerability in Jeesns 1.4.2
A stored cross-site scripting (XSS) vulnerability in the /localhost/u component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a private message.
network
jeesns CWE-79
3.5
2021-09-09 CVE-2020-19287 Cross-site Scripting vulnerability in Jeesns 1.4.2
A stored cross-site scripting (XSS) vulnerability in the /group/post component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the title.
network
jeesns CWE-79
3.5
2021-09-09 CVE-2020-19286 Cross-site Scripting vulnerability in Jeesns 1.4.2
A stored cross-site scripting (XSS) vulnerability in the /question/detail component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the source field of the editor.
network
jeesns CWE-79
3.5