CVE-2025-55834

Medium CVSS: 6.1

A Cross Site Scripting vulnerability in JeeWMS v.3.7 and before allows a remote attacker to obtain sensitive information via the logController.do component

Vendor

Huayi-tec

Product

Jeewms

CWE

CWE-79

Yayın Tarihi

2025-09-16 13:16:10

Güncelleme

2025-09-20 03:02:12

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Jeewms MEDIUM Huayi-tec 2025

Referanslar

https://github.com/RrEeSeEeTt/CVEs/blob/main/JeeWMS-xss.md https://github.com/RrEeSeEeTt/CVEs/blob/main/JeeWMS-xss.md

Benzer Kayıtlar

Medium

CVE-2026-3028

A vulnerability was determined in erzhongxmu JEEWMS up to 3.7. This vulnerability affects the function doAdd of the file…

Medium

CVE-2025-70311

JEEWMS 1.0 is vulnerable to SQL Injection. Attackers can inject malicious SQL statements through the id1 and id2 paramet…

Medium

CVE-2025-60268

An arbitrary file upload vulnerability exists in JeeWMS 20250820, which is caused by the lack of file checking in the sa…

Critical

CVE-2025-60269

JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main/java/org/jeecgframework…

Medium

CVE-2025-5389

A vulnerability, which was classified as critical, has been found in JeeWMS up to 20250504. Affected by this issue is th…

Medium

CVE-2025-5390

A vulnerability, which was classified as critical, was found in JeeWMS up to 20250504. This affects the function filedea…