Jeesite: >> Jeesite >> 1.2.6 Security Vulnerabilities
An issue in the delete function in the UserController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete the Administrator's role information.
CVSS Score
4.3
EPSS Score
0.0
Published
2023-07-31
An issue in the delete function in the OaNotifyController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete notifications created by Administrators.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-07-28
Jeesite before commit 10742d3 was discovered to contain a SQL injection vulnerability via the component ${businessTable} at /act/ActDao.xml.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-06-22
Page 2