Submit #641125: thinkgem https://github.com/thinkgem/jeesite5 <=v5.12.1 XSS

Title: thinkgem https://github.com/thinkgem/jeesite5 <=v5.12.1 XSS
Description: The previous XSS filter bypass vulnerability (CVE-2025-7865) was fixed through commit 3585737, but by analyzing the latest sanitizer (v5.12.1), new XSS attack vectors were discovered, leading to the patch being bypassed again.
Source: ⚠️ https://github.com/thinkgem/jeesite5/issues/33
User: ZAST.AI (UID 87884)
Submission: 2025-08-25 12:35 (9 months ago)
Moderation: 2025-09-01 13:43 (7 days later)
Status: Accepted
VulDB entry: 322111 [thinkgem JeeSite up to 5.12.1 EncodeUtils.java decodeUrl2 cross site scripting]
Points: 16
