Vulnerabilities

Report: CVE-2026-8195 - JeecgBoot SVG File CommonController.java cross site scripting - 2025 Update

2026-05-10 0 views admin

CVE ID :CVE-2026-8195 Published : May 9, 2026, 8:16 p.m. | 1 hour, 39 minutes ago Description :A vulnerability was detected in JeecgBoot up to 3.9.1. The affected element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/CommonController.java of the component SVG File Handler. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-8195

Severity

MEDIUM

Published

May 9, 2026

Affected Product: java

🏷️ Tags

reportjeecgbootcommoncontrollercrossscriptingupdatepublishedminutescvecve-2026-8195

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-8195 - JeecgBoot SVG File CommonController.java cross site scripting - 2025 Update

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-8214 - Industrial Application Software IAS Canias ERP RMI doAction improper authentication - Complete Guide

Report: CVE-2026-8215 - Industrial Application Software IAS Canias ERP RMI iasRequestFileEvent path trave

Report: CVE-2026-8216 - Industrial Application Software IAS Canias ERP Java RMI Session Management iasSer

Report: CVE-2026-45182 - GrapheneOS Quic VPN IP Disclosure

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting