Vulnerabilities > Zkoss

DATE CVE VULNERABILITY TITLE RISK
2022-08-26 CVE-2022-36537 Unspecified vulnerability in Zkoss ZK Framework
ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader.
network
low complexity
zkoss
7.5
2013-11-20 CVE-2013-5966 Cross-Site Scripting vulnerability in Zkoss ZK Framework
Cross-site scripting (XSS) vulnerability in ZK Framework before 5.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
zkoss CWE-79
4.3