Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

thinkgem — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting thinkgem. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Thinkgem is a software platform primarily used for enterprise resource planning and workflow automation. Historically, the product has been vulnerable to multiple remote code execution flaws, cross-site scripting attacks, and privilege escalation vulnerabilities, accounting for its 11 recorded CVEs. Security researchers have identified consistent weaknesses in input validation and access control mechanisms. While no major public security incidents have been documented, the accumulation of CVEs suggests ongoing challenges in secure coding practices. Organizations using Thinkgem should prioritize timely patching and implement additional security controls to mitigate risks associated with these recurring vulnerability patterns.

Top products by thinkgem: JeeSite
CVE IDTitleCVSSSeverityPublished
CVE-2026-3405 thinkgem JeeSite Connection path traversal — JeeSiteCWE-22 3.1 Low2026-03-02
CVE-2026-3404 thinkgem JeeSite Endpoint CasOutHandler.java xml external entity reference — JeeSiteCWE-611 5.0 Medium2026-03-02
CVE-2025-9796 thinkgem JeeSite EncodeUtils.java decodeUrl2 cross site scripting — JeeSiteCWE-79 3.5 Low2025-09-01
CVE-2025-7865 thinkgem JeeSite XSS Filter EncodeUtils.java xssFilter cross site scripting — JeeSiteCWE-79 3.5 Low2025-07-20
CVE-2025-7864 thinkgem JeeSite FileUploadController.java upload unrestricted upload — JeeSiteCWE-434 6.3 Medium2025-07-20
CVE-2025-7863 thinkgem JeeSite ServletUtils.java redirectUrl — JeeSiteCWE-601 3.5 Low2025-07-20
CVE-2025-7785 thinkgem JeeSite SsoController.java sso redirect — JeeSiteCWE-601 4.3 Medium2025-07-18
CVE-2025-7763 thinkgem JeeSite Site Controller SiteController.java select redirect — JeeSiteCWE-601 4.3 Medium2025-07-17
CVE-2025-7759 thinkgem JeeSite UEditor Image Grabber ActionEnter.java server-side request forgery — JeeSiteCWE-918 6.3 Medium2025-07-17
CVE-2025-5186 thinkgem JeeSite URI Scheme form ResourceLoader.getResource server-side request forgery — JeeSiteCWE-918 6.3 Medium2025-05-26
CVE-2024-8112 thinkgem JeeSite Cookie login cross site scripting — JeeSiteCWE-79 4.3 Medium2024-08-23

This page lists every published CVE security advisory associated with thinkgem. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.