CVE-2023-46911

There is a Cross Site Scripting XSS vulnerability in the choosestyletree.do interface of Jspxcms v10.2.0 backend...

CVE-2023-46911

There is a Cross Site Scripting XSS vulnerability in the choosestyletree.do interface of Jspxcms v10.2.0 backend...

CVE-2023-46911

There is a Cross Site Scripting XSS vulnerability in the choosestyletree.do interface of Jspxcms v10.2.0 backend...

CVE-2023-46911

CVE-2023-46911 describes a Cross Site Scripting (XSS) vulnerability in the Jspxcms v10.2.0 backend, specifically the choose_style_tree.do interface. The affected component is the backend web application (Jspxcms v10.2.0). The root cause, as stated by multiple sources, is improper handling of user...

CVE-2023-46911

There is a Cross Site Scripting XSS vulnerability in the choosestyletree.do interface of Jspxcms v10.2.0 backend...

CVE-2022-28090

Jspxcms v10.2.0 allows attackers to execute a Server-Side Request Forgery SSRF via /cmscp/ext/collect/fetchurl.do?url=...

Server side request forgery (ssrf)

Jspxcms v10.2.0 allows attackers to execute a Server-Side Request Forgery SSRF via /cmscp/ext/collect/fetchurl.do?url=...

CVE-2022-28090

Jspxcms v10.2.0 allows attackers to execute a Server-Side Request Forgery SSRF via /cmscp/ext/collect/fetchurl.do?url=...

CVE-2022-28090

CVE-2022-28090 affects Jspxcms v10.2.0 and enables a Server-Side Request Forgery (SSRF) via the parameter in the endpoint /cmscp/ext/collect/fetch_url.do?url= . The root cause and impact are described in the sources as SSRF, but the provided connected documents do not specify any exploit details,...

CVE-2022-23329

A vulnerability in $"freemarker.template.utility.Execute"?new of UJCMS Jspxcms v10.2.0 allows attackers to execute arbitrary commands via uploading malicious files...

CVE-2022-23329

A vulnerability in $"freemarker.template.utility.Execute"?new of UJCMS Jspxcms v10.2.0 allows attackers to execute arbitrary commands via uploading malicious files...