Vulnerabilities > Jalios

DATE CVE VULNERABILITY TITLE RISK
2020-07-17 CVE-2020-15497 Cross-site Scripting vulnerability in Jalios Jcms 10.0.2
jcore/portal/ajaxPortal.jsp in Jalios JCMS 10.0.2 build-20200224104759 allows XSS via the types parameter.
network
low complexity
jalios CWE-79
6.1
2019-11-21 CVE-2019-19033 Use of Hard-coded Credentials vulnerability in Jalios Jcms 10.0
Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password.
network
low complexity
jalios CWE-798
critical
9.8