Medium severity5.4NVD Advisory· Published Sep 9, 2021· Updated Jun 17, 2026
CVE-2020-19294
CVE-2020-19294
Description
A stored cross-site scripting (XSS) vulnerability in the /article/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the article comments section.
Affected products
2- Jeesns/Jeesnsdescription
Patches
Vulnerability mechanics
References
2- github.com/zchuanzhao/jeesns/issues/23nvdExploitIssue TrackingThird Party Advisory
- www.seebug.org/vuldb/ssvid-97952nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.