CVE-2020-19229

Published: 2022-04-05T16:15Z

Last Modified: 2024-11-21T05:09Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Jeesite 1.2.7 uses the apache shiro version 1.2.3 affected by CVE-2016-4437. Because of this version of the java deserialization vulnerability, an attacker could exploit the vulnerability to execute arbitrary commands via the rememberMe parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt