CVE-2025-9796 in JeeSiteinformação

Sumário

de MITRE • 02/09/2025

A vulnerability was found in thinkgem JeeSite up to 5.12.1. This affects the function decodeUrl2 of the file common/src/main/java/com/jeesite/common/codec/EncodeUtils.java. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The exploit has been made public and could be used. Upgrading to version 5.13.0 mitigates this issue. The patch is identified as 63773c97a56bdb3649510e83b66c16db4754965b. Upgrading the affected component is recommended.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

VulDB

Divulgação

02/09/2025

Moderação

aceite

Entrada

VDB-322111

CPE

pronto

CWE

CWE-79 (confirmado)

Exploração

Descarregar

CVSS

4.1 (NVD)

EPSS

0.00067

KEV

não

Atividades

muito baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-9796
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-9796
CVE Details	https://www.cvedetails.com/cve/CVE-2025-9796/

◂ Voltar Visão Geral Próximo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!