Unrated severityNVD Advisory· Published Apr 29, 2021· Updated Aug 4, 2024
CVE-2020-18035
CVE-2020-18035
Description
Cross Site Scripting (XSS) in Jeesns v1.4.2 allows remote attackers to execute arbitrary code by injecting commands into the "CKEditorFuncNum" parameter in the component "CkeditorUploadController.java".
Affected products
2- Jeesns/Jeesnsdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- github.com/zchuanzhao/jeesns/issues/8mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.