Vulnerabilities > Jitbit

DATE CVE VULNERABILITY TITLE RISK
2019-11-01 CVE-2019-18636 Cross-site Scripting vulnerability in Jitbit .Net Forum 8.3.8
A cross-site scripting (XSS) vulnerability in Jitbit .NET Forum (aka ASP.NET forum) 8.3.8 allows remote attackers to inject arbitrary web script or HTML via the gravatar URL parameter.
network
jitbit CWE-79
3.5
2019-08-09 CVE-2017-18486 Insufficient Entropy in PRNG vulnerability in Jitbit Helpdesk
Jitbit Helpdesk before 9.0.3 allows remote attackers to escalate privileges because of mishandling of the User/AutoLogin userHash parameter.
network
low complexity
jitbit CWE-332
6.5