Browse all 4 CVE security advisories affecting jsnjfz. AI-powered Chinese analysis, POCs, and references for each vulnerability.
jsnjfz is a web application framework primarily used for building dynamic content management systems. Historically, it has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure default configurations. The framework's modular architecture has introduced additional risks through third-party extensions with inconsistent security practices. While no major public security incidents have been widely documented, its four CVE records indicate persistent security challenges, particularly in user authentication and session management. Organizations implementing jsnjfz should prioritize regular security assessments and apply patches promptly to mitigate known exploitation vectors.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13811 | jsnjfz WebStack-Guns PageFactory.java sql injection — WebStack-GunsCWE-89 | 6.3 | Medium | 2025-12-01 |
| CVE-2025-13810 | jsnjfz WebStack-Guns KaptchaController.java renderPicture path traversal — WebStack-GunsCWE-22 | 5.3 | Medium | 2025-12-01 |
| CVE-2025-5888 | jsnjfz WebStack-Guns cross-site request forgery — WebStack-GunsCWE-352 | 4.3 | Medium | 2025-06-09 |
| CVE-2025-5887 | jsnjfz WebStack-Guns File Upload UserMgrController.java cross site scripting — WebStack-GunsCWE-79 | 3.5 | Low | 2025-06-09 |
This page lists every published CVE security advisory associated with jsnjfz. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.