RSS   Vulnerabilities for 'Primefaces'   RSS

2020-03-13
 
CVE-2020-10544

CWE-79
 
 
An XSS issue was discovered in tooltip/tooltip.js in PrimeTek PrimeFaces 7.0.11. In a web application using PrimeFaces, an attacker can provide JavaScript code in an input field whose data is later used as a tooltip title without any input validation.

 
2018-01-03
 
CVE-2017-1000486

CWE-326
 
 
Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution

 

Copyright 2024, cxsecurity.com

 

Back to Top