CVE-2020-19229

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0540%

EPSS Percentile40.21th

Published2022年4月5日

Last Modified2024年11月21日

Vulnerability Description

Jeesite 1.2.7 uses the apache shiro version 1.2.3 affected by CVE-2016-4437. Because of this version of the java deserialization vulnerability, an attacker could exploit the vulnerability to execute arbitrary commands via the rememberMe parameter.

Affected Platforms (CPE)

📦

Jeesite

= 1.2.7

References & Advisories

🔗 https://github.com/thinkgem/jeesite/issues/490

相关漏洞威胁

CVE-2019-10102026.5

Jeesite 1.2.7 is affected by: XML External Entity (XXE). The impact is: sensitive information disclosure. The component is: conver...

CVE-2019-10102016.5

Jeesite 1.2.7 is affected by: SQL Injection. The impact is: sensitive information disclosure. The component is: updateProcInsIdByB...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...