CVE-2025-9796 | thinkgem JeeSite up to 5.12.1 EncodeUtils.java decodeUrl2 cross site scripting (Issue 33)

A vulnerability described as problematic has been identified in thinkgem JeeSite up to 5.12.1. This affects the function decodeUrl2 of the file common/src/main/java/com/jeesite/common/codec/EncodeUtils.java. The manipulation results in cross site scripting.

This vulnerability is known as CVE-2025-9796. It is possible to launch the attack remotely. Furthermore, an exploit is available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More