Vulnerabilities > Jupo

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-28	CVE-2024-25169	Unspecified vulnerability in Jupo Mezzanine 6.0.0 An issue in Mezzanine v6.0.0 allows attackers to bypass access control mechanisms in the admin panel via a crafted request. network low complexity jupo critical	9.8
2021-08-27	CVE-2020-19002	Cross-site Scripting vulnerability in Jupo Mezzanine 4.3.1 Cross Site Scripting (XSS) in Mezzanine v4.3.1 allows remote attackers to execute arbitrary code via the 'Description' field of the component 'admin/blog/blogpost/add/'. network low complexity jupo CWE-79	6.1
2018-12-28	CVE-2018-16632	Cross-site Scripting vulnerability in Jupo Mezzanine 4.3.1 Mezzanine CMS v4.3.1 allows XSS via the /admin/blog/blogcategory/add/?_to_field=id&_popup=1 title parameter at admin/blog/blogpost/add/. network low complexity jupo CWE-79	4.8

Vulnerabilities > Jupo {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Jupo"}]}