EPSS
Percentile
24.6%
In JEESNS 1.3, com/lxinet/jeesns/core/utils/XssHttpServletRequestWrapper.java allows stored XSS via an HTML EMBED element, a different vulnerability than CVE-2018-17886.
github.com/zchuanzhao/jeesns/issues/6