Filtered by vendor Jalios
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-15497 | 1 Jalios | 1 Jcms | 2022-01-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| ** DISPUTED ** jcore/portal/ajaxPortal.jsp in Jalios JCMS 10.0.2 build-20200224104759 allows XSS via the types parameter. Note: It is asserted that this vulnerability is not present in the standard installation of Jalios JCMS. | |||||
| CVE-2019-19033 | 1 Jalios | 1 Jcms | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password. | |||||