Vulnerabilities > Jeesns > Jeesns > 1.4.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-09 | CVE-2020-19290 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /weibo/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Weibo comment section. | 3.5 |
2021-09-09 | CVE-2020-19291 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /weibo/publishdata component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted Weibo. | 3.5 |
2021-09-09 | CVE-2020-19292 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /question/ask component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted question. | 3.5 |
2021-09-09 | CVE-2020-19293 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /article/add component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted article. | 3.5 |
2021-09-09 | CVE-2020-19294 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /article/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the article comments section. | 3.5 |
2021-09-09 | CVE-2020-19295 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A reflected cross-site scripting (XSS) vulnerability in the /weibo/topic component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML. | 4.3 |
2021-04-29 | CVE-2020-18035 | Cross-site Scripting vulnerability in Jeesns 1.4.2 Cross Site Scripting (XSS) in Jeesns v1.4.2 allows remote attackers to execute arbitrary code by injecting commands into the "CKEditorFuncNum" parameter in the component "CkeditorUploadController.java". | 4.3 |