Vulnerabilities > Jalios
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-17 | CVE-2020-15497 | Cross-site Scripting vulnerability in Jalios Jcms 10.0.2 jcore/portal/ajaxPortal.jsp in Jalios JCMS 10.0.2 build-20200224104759 allows XSS via the types parameter. | 6.1 |
2019-11-21 | CVE-2019-19033 | Use of Hard-coded Credentials vulnerability in Jalios Jcms 10.0 Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password. | 9.8 |