CVE-2020-15497

CVSS 5.3 MEDIUMEPSS 1.3%

jcore/portal/ajaxPortal.jsp in Jalios JCMS 10.0.2 build-20200224104759 allows XSS via the types parameter. Note: It is asserted that this vulnerability is not present in the standard installation of Jalios JCMS

CVSS:3.1/AC:L/AV:N/A:N/C:N/I:L/PR:N/S:U/UI:N

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/Da2Duo https://pastebin.com/KSJJu5Nx https://twitter.com/joker2a1 https://www.jalios.com/jcms/j_6/en/home