CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-15497

jcore/portal/ajaxPortal.jsp in Jalios JCMS 10.0.2 build-20200224104759 allows XSS via the types parameter. Note: It is asserted that this vulnerability is not present in the standard installation of Jalios JCMS

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.3%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 4.3

References

https://github.com/Da2Duo
https://pastebin.com/KSJJu5Nx
https://twitter.com/joker2a1
https://www.jalios.com/jcms/j_6/en/home
https://github.com/Da2Duo
https://pastebin.com/KSJJu5Nx
https://twitter.com/joker2a1
https://www.jalios.com/jcms/j_6/en/home

Products affected by CVE-2020-15497

Jalios » Jcms » Version: 10.0.2

cpe:2.3:a:jalios:jcms:10.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-15497

Products

Pricing

Contact Us