A Cross-Site Scripting (XSS) vulnerability exists in the g parameter to index.php in Jcow CMS 4.2 and earlier.
6.1CVSS
5.8AI Score
0.001EPSS
A Code Execution vulnerability exists the attachment parameter to index.php in Jcow CMS 4.x to 4.2 and 5.2 to 5.2.
9.8CVSS
9.4AI Score
0.008EPSS