CVE List

CVE-2020-18035

Moderate 6.1

Cross Site Scripting (XSS) in Jeesns v1.4.2 allows remote attackers to execute arbitrary code by injecting commands into the "CKEditorFuncNum" parameter in the component "CkeditorUploadController.java".

Published April 29, 2021.

Affected software

Jeesns Jeesns

Reference links

Sign Up for Alerts