CVE-2025-9796 in JeeSiteinformación

Resumen

por MITRE • 2025-09-02

A vulnerability was found in thinkgem JeeSite up to 5.12.1. This affects the function decodeUrl2 of the file common/src/main/java/com/jeesite/common/codec/EncodeUtils.java. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The exploit has been made public and could be used. Upgrading to version 5.13.0 mitigates this issue. The patch is identified as 63773c97a56bdb3649510e83b66c16db4754965b. Upgrading the affected component is recommended.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

VulDB

Divulgación

2025-09-02

Moderación

aceptado

Artículo

VDB-322111

CPE

listo

CWE

CWE-79 (confirmado)

Explotación

Descargar

CVSS

4.1 (NVD)

EPSS

0.00067

KEV

Actividades

muy bajo

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-9796
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-9796
CVE Details	https://www.cvedetails.com/cve/CVE-2025-9796/

◂ Anterior Visión De Conjunto Próximo ▸

Do you know our Splunk app?

Download it now for free!