JeeCMS 1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the commentText parameter.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20799
Reference (s):
- https://github.com/blackjliuyun/cvetest/issues/1