CVE-2025-7759 | thinkgem JeeSite up to 5.12.0 UEditor Image Grabber ActionEnter.java Source server-side request forgery (Issue 27)

A vulnerability, which was classified as critical, was found in thinkgem JeeSite up to 5.12.0. This affects an unknown part of the file modules/core/src/main/java/com/jeesite/common/ueditor/ActionEnter.java of the component UEditor Image Grabber. The manipulation of the argument Source leads to server-side request forgery.

This vulnerability is uniquely identified as CVE-2025-7759. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

It is recommended to apply a patch to fix this issue.VulDB Recent EntriesRead More