Vulnerabilities > Jitbit
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-01 | CVE-2019-18636 | Cross-site Scripting vulnerability in Jitbit .Net Forum 8.3.8 A cross-site scripting (XSS) vulnerability in Jitbit .NET Forum (aka ASP.NET forum) 8.3.8 allows remote attackers to inject arbitrary web script or HTML via the gravatar URL parameter. | 3.5 |
2019-08-09 | CVE-2017-18486 | Insufficient Entropy in PRNG vulnerability in Jitbit Helpdesk Jitbit Helpdesk before 9.0.3 allows remote attackers to escalate privileges because of mishandling of the User/AutoLogin userHash parameter. | 6.5 |