issues
search
JPressProjects
/
jpress
JPress,一个使用 Java 开发的建站神器,目前已经有 10w+ 网站使用 JPress 进行驱动,其中包括多个政府机构,200+上市公司,中科院、红+字会等。
http://www.jpress.cn
GNU Lesser General Public License v3.0
2.66k
stars
1.18k
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Jpress has a SSRF Vulnerability
#190
ilikeoyt
opened
2 weeks ago
0
jpress has an arbitrary file read vulnerability
#189
microvorld
opened
4 weeks ago
0
The latest version of JPress deployed on Windows has an arbitrary file upload vulnerability
#188
lazy-forever
opened
1 month ago
0
docker部署问题
#187
ZAJ0711
opened
6 months ago
0
jpress 本地tomcat启动 文件无法正常上传
#186
YYK1918
opened
11 months ago
1
使用Nginx反向代理到jpress服务无法自定义域名访问
#185
wu2754522801
closed
1 year ago
1
jpress存在反射型XSS
#184
longicron
opened
1 year ago
0
jpress后台模板-板块存在存储型XSS
#183
longicron
opened
1 year ago
1
Bump yauaa from 7.3.0 to 7.9.0 in /jpress-commons
#182
dependabot[bot]
opened
1 year ago
0
自定义域名时,从后台无法直接访问文章
#181
DevourZuan
opened
1 year ago
0
Bump jackson-databind from 2.13.3 to 2.13.4.1
#180
dependabot[bot]
closed
1 year ago
0
请问一下修复模板引擎注入造成的 RCE 的这个漏洞里面,是用了哪种修复方式呀
#179
Drun1baby
closed
1 year ago
1
Bump jackson.version from 2.13.3 to 2.13.4
#178
dependabot[bot]
closed
1 year ago
1
[SECURITY] Fix Zip Slip Vulnerability
#177
JLLeitschuh
closed
1 year ago
1
Update start.md
#176
wangjunjun2008
closed
2 years ago
0
structure.md typo
#175
Chairo
closed
2 years ago
0
Bump jackson-databind from 2.12.3 to 2.12.6.1
#174
dependabot[bot]
closed
2 years ago
1
jpress前台存在任意文件上传漏洞
#173
Er1cccc
closed
2 years ago
1
jpress后台存在命令执行漏洞-邮件模板product
#172
Er1cccc
closed
2 years ago
1
jpress后台存在命令执行漏洞-邮件模板page
#171
Er1cccc
closed
2 years ago
1
jpress后台存在命令执行漏洞-邮件模板article
#170
Er1cccc
closed
2 years ago
1
jpress后台存在命令执行漏洞-模板上传
#169
Er1cccc
closed
2 years ago
1
jpress后台存在命令执行漏洞-模板安装
#168
Er1cccc
closed
2 years ago
1
jpress后台存在命令执行漏洞-恶意插件
#167
Er1cccc
closed
2 years ago
1
jpress后台存在命令执行漏洞-模板修改
#166
Er1cccc
closed
2 years ago
1
Bump log4j-core from 2.15.0 to 2.17.0
#165
dependabot[bot]
closed
2 years ago
1
Bump log4j-api from 2.15.0 to 2.17.0
#164
dependabot[bot]
closed
2 years ago
1
Bump log4j-core from 2.15.0 to 2.16.0
#163
dependabot[bot]
closed
2 years ago
1
Bump log4j-api from 2.15.0 to 2.16.0
#162
dependabot[bot]
closed
2 years ago
1
Bump log4j-core from 2.14.1 to 2.15.0
#161
dependabot[bot]
closed
2 years ago
1
Bump log4j-api from 2.14.1 to 2.15.0
#160
dependabot[bot]
closed
2 years ago
1
商品能给不同会员组设置不同价格,不能设置为0,即指定会员组商品免费
#159
52Lau
closed
2 years ago
1
Update package.xml
#158
coderyang123
closed
2 years ago
0
Bump elasticsearch from 7.13.2 to 7.14.0
#157
dependabot[bot]
opened
3 years ago
0
background XML entity injection vulnerability
#156
hack4money
closed
3 years ago
1
Bump elasticsearch from 7.13.2 to 7.13.3
#155
dependabot[bot]
closed
3 years ago
1
Update readme.md
#154
RetireWorker
closed
3 years ago
0
Bump junit from 4.12 to 4.13.1 in /starter
#153
dependabot[bot]
closed
3 years ago
1
There is a storage XSS vulnerability in the template module
#152
ghost
closed
3 years ago
1
docker 安装问题
#145
xingchenpro
closed
2 years ago
1
bug:关于tag的问题
#144
zoujiedev
closed
3 years ago
1
修正常量配置的拼写
#143
zoujiedev
closed
3 years ago
0
refactor(JpressConsta): 修正配置的拼写
#142
zoujiedev
closed
3 years ago
0
Bump junit from 4.12 to 4.13.1 in /jpress-web
#141
dependabot[bot]
closed
3 years ago
1
Bump junit from 4.12 to 4.13.1 in /jpress-core
#140
dependabot[bot]
closed
3 years ago
1
怎么配置独立的数据库呢。
#139
lilaizhencn
closed
2 years ago
1
jpress插件化是如何实现的
#138
developers-youcong
closed
2 years ago
1
Activating Open Collective
#137
monkeywithacupcake
closed
3 years ago
0
编辑器,在markdown下,不能再次编辑title
#136
thimper
closed
2 years ago
0
[SECURITY] Use HTTPS to resolve dependencies in Maven Build
#135
JLLeitschuh
closed
4 years ago
0
Next