제출 #618189: JeeSite https://github.com/thinkgem/jeesite5 <=5.12.0 Dangerous type of file upload (CWE-434)정보

제목JeeSite https://github.com/thinkgem/jeesite5 <=5.12.0 Dangerous type of file upload (CWE-434)
설명The endpoint /js/a/file/upload allows user uploads PDF file without sanitizer lead to Stored XSS.
원천⚠️ https://github.com/thinkgem/jeesite5/issues/31
사용자
 ZAST.AI (UID 87884)
제출2025. 07. 18. AM 05:44 (9 개월 ago)
모더레이션2025. 07. 19. AM 06:17 (1 day later)
상태수락
VulDB 항목316977 [thinkgem JeeSite 까지 5.12.0 FileUploadController.java upload 권한 상승]
포인트들14

이전개요다음

Want to know what is going to be exploited?

We predict KEV entries!