CVE-2026-36762

216.73.217.22

· Published 30/04/2026 18:16 · Modified 30/04/2026 19:11

Labels: CVE-2026-36762 2026-04-30 CVE-2026-36762 [email protected]

Essential information

Published: 30/04/2026 18:16
Modified: 30/04/2026 19:11
Author: —
Creator: —
CISA KEV: No
CWE: —
CVSS vector

Description

An issue in the fileEntityId parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary files with whitelisted suffixes to arbitrary filesystem locations.

NVD status

Status: Deferred — When a CVE is given this status the NVD does not plan analyze or re-analyze this CVE due to resource or other concerns.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
jeesite / jeesite	`cpe:2.3:a:jeesite:jeesite:5.15.1:::::::*`

CVE-2026-36762

Essential information

Description

NVD status

Affected products (CPE)

References