Soumettre #756527: erzhongxmu JEEWMS ≤3.7 Reflected XSSinformation

Titreerzhongxmu JEEWMS ≤3.7 Reflected XSS
Description# Summury A **reflected cross-site scripting (XSS)** vulnerability has been discovered in JEEWMS v3.7 in the `JeecgListDemoController` module. The vulnerability allows attackers to inject malicious JavaScript through the `name` parameter, which is then reflected in the response without proper sanitization, leading to execution of arbitrary JavaScript code in the victim’s browser context. **Authentication**: Yes **Exploitable**: Remote
La source⚠️ https://www.notion.so/JEEWMS-Stored-Cross-Site-Scripting-XSS-in-SysModule-304ea92a3c418099bed7f1e0bca12d83
Utilisateur
 din4 (UID 50867)
Soumission11/02/2026 17:24 (il y a 4 mois)
Modérer23/02/2026 15:05 (12 days later)
StatutAccepté
Entrée VulDB347384 [erzhongxmu JEEWMS jusqu’à 3.7 JeecgListDemoController.java doAdd Nom cross site scripting]
Points17

PrécédentAperçuSuivant

Interested in the pricing of exploits?

See the underground prices here!