Submit #641125: thinkgem https://github.com/thinkgem/jeesite5 <=v5.12.1 XSSinfo

Titelthinkgem https://github.com/thinkgem/jeesite5 <=v5.12.1 XSS
BeschreibungThe previous XSS filter bypass vulnerability (CVE-2025-7865) was fixed through commit 3585737, but by analyzing the latest sanitizer (v5.12.1), new XSS attack vectors were discovered, leading to the patch being bypassed again.
Quelle⚠️ https://github.com/thinkgem/jeesite5/issues/33
Benutzer
 ZAST.AI (UID 87884)
Einreichung25.08.2025 12:35 (vor 10 Monaten)
Moderieren01.09.2025 13:43 (7 days later)
StatusAkzeptiert
VulDB Eintrag322111 [thinkgem JeeSite bis 5.12.1 EncodeUtils.java decodeUrl2 Cross Site Scripting]
Punkte16

ZurückÜbersichtWeiter

Do you know our Splunk app?

Download it now for free!