Vulnerabilities > Jeesns > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-09 | CVE-2020-19294 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /article/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the article comments section. | 3.5 |
| 2021-09-09 | CVE-2020-19293 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /article/add component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted article. | 3.5 |
| 2021-09-09 | CVE-2020-19292 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /question/ask component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted question. | 3.5 |
| 2021-09-09 | CVE-2020-19291 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /weibo/publishdata component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted Weibo. | 3.5 |
| 2021-09-09 | CVE-2020-19290 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /weibo/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Weibo comment section. | 3.5 |
| 2021-09-09 | CVE-2020-19289 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /member/picture/album component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the new album tab. | 3.5 |
| 2021-09-09 | CVE-2020-19288 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /localhost/u component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a private message. | 3.5 |
| 2021-09-09 | CVE-2020-19287 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /group/post component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the title. | 3.5 |
| 2021-09-09 | CVE-2020-19286 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /question/detail component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the source field of the editor. | 3.5 |
| 2021-09-09 | CVE-2020-19285 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /group/apply component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Name text field. | 3.5 |