Je Messenger Security Vulnerabilities and Issues — Je Messenger CVE List

Lucene search

HarmistechnologyJe Messenger

5 matches found

CVE•added 2019/03/29 3:29 p.m.•43 views

CVE-2019-9922

An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Directory Traversal allows read access to arbitrary files.

7.5CVSS7.3AI score0.87141EPSS

CVE•added 2019/03/29 3:29 p.m.•39 views

CVE-2019-9918

An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Input does not get validated and queries are not written in a way to prevent SQL injection. Therefore arbitrary SQL-Statements can be executed in the database.

9.1CVSS9.4AI score0.00233EPSS

CVE•added 2019/03/29 3:29 p.m.•33 views

CVE-2019-9920

An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to perform an action within the context of the account of another user.

8.8CVSS8.5AI score0.0032EPSS

CVE•added 2019/03/29 3:29 p.m.•33 views

CVE-2019-9921

An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to read information that should only be accessible by a different user.

7.7CVSS6.2AI score0.00207EPSS

CVE•added 2019/03/29 3:29 p.m.•29 views

CVE-2019-9919

An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to craft messages in a way that JavaScript gets executed on the side of the receiving user when the message is opened, aka XSS.

5.4CVSS5.4AI score0.00206EPSS