A stored cross-site scripting (XSS) vulnerability in the /article/add component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted article.

CWE: CWE-79 CWE-259 CWE-522

CVSS 2: LOW – 3.5 (Version: 2.0)
CVSS 3: MEDIUM – 5.4 (Version: 3.1)


NVD – CVE-2020-19293
CVE – CVE-2020-19293

Link (max. 20) Quelle Tags MISC Exploit Third Party Advisory Third Party Advisory MISC Exploit Issue Tracking Third Party Advisory CONFIRM MISC

Quelle: NVD – CVE-2020-19293
Datum Veröffentlichung: 2021-09-09T23:15Z, Datum letzte Änderung: 2021-09-13T15:00Z