CVE-2025-7865 | thinkgem JeeSite up to 5.12.0 XSS Filter EncodeUtils.java xssFilter text cross site scripting (Issue 32)

A vulnerability was found in thinkgem JeeSite up to 5.12.0. It has been declared as problematic. This vulnerability affects the function xssFilter of the file src/main/java/com/jeesite/common/codec/EncodeUtils.java of the component XSS Filter. The manipulation of the argument text leads to cross site scripting.

This vulnerability was named CVE-2025-7865. The attack can be initiated remotely. Furthermore, there is an exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-7865 | thinkgem JeeSite up to 5.12.0 XSS Filter EncodeUtils.java xssFilter text cross site scripting (Issue 32)

Post correlati

CVE-2025-1848 | zj1983 zz up to 2024-8 /import_data_check url server-side request forgery

CVE-2024-6763 | Eclipse Jetty up to 12.0.11 URL Parser improper validation of syntactic correctness of input (ID 25)

CVE-2024-2962 | Networker Plugin up to 1.1.9 on WordPress authorization

CVE-2024-42447 | Apache FAB provider 1.2.0/1.2.1 on Airflow session expiration