VYPR
Unrated severityNVD Advisory· Published Apr 5, 2022· Updated Aug 4, 2024

CVE-2020-19229

CVE-2020-19229

Description

Jeesite 1.2.7 uses the apache shiro version 1.2.3 affected by CVE-2016-4437. Because of this version of the java deserialization vulnerability, an attacker could exploit the vulnerability to execute arbitrary commands via the rememberMe parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Jeesite/Jeesitecpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 1.2.7

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.