RSS   Vulnerabilities for 'Jspxcms'   RSS

2022-05-04
 
CVE-2022-28090

CWE-918
 
 
Jspxcms v10.2.0 allows attackers to execute a Server-Side Request Forgery (SSRF) via /cmscp/ext/collect/fetch_url.do?url=.

 
2022-02-04
 
CVE-2022-23329

CWE-434
 
 
A vulnerability in ${"freemarker.template.utility.Execute"?new() of UJCMS Jspxcms v10.2.0 allows attackers to execute arbitrary commands via uploading malicious files.

 

Copyright 2024, cxsecurity.com

 

Back to Top