VYPR
Medium severity5.4NVD Advisory· Published Jul 18, 2018· Updated Jun 17, 2026

CVE-2018-12429

CVE-2018-12429

Description

JEESNS through 1.2.1 allows XSS attacks by ordinary users who publish articles containing a crafted payload in order to capture an administrator cookie.

Affected products

2
  • Jeesns/Jeesnsinferred2 versions
    <=1.2.1+ 1 more
    • (no CPE)range: <=1.2.1
    • (no CPE)range: <=1.2.1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.