Jobscheduler@1.13.2 Security Vulnerabilities and Issues — Jobscheduler@1.13.2 CVE List

Lucene search

Sos-berlinJobscheduler1.13.2

3 matches found

CVE•added 2020/02/05 9:15 p.m.•49 views

CVE-2020-6854

A cross-site scripting (XSS) vulnerability in the JOC Cockpit component of SOS JobScheduler 1.11 and 1.13.2 allows attackers to inject arbitrary web script or HTML via JSON properties available from the REST API.

5.4CVSS5.2AI score0.00374EPSS

CVE•added 2020/02/06 5:15 p.m.•40 views

CVE-2020-6855

A large or infinite loop vulnerability in the JOC Cockpit component of SOS JobScheduler 1.11 and 1.13.2 allows attackers to parameterize housekeeping jobs in a way that exhausts system resources and results in a denial of service.

6.8CVSS6.3AI score0.00492EPSS

CVE•added 2020/02/06 5:15 p.m.•37 views

CVE-2020-6856

An XML External Entity (XEE) vulnerability exists in the JOC Cockpit component of SOS JobScheduler 1.12 and 1.13.2 allows attackers to read files from the server via an entity declaration in any of the XML documents that are used to specify the run-time settings of jobs and orders.

6.5CVSS6.3AI score0.00448EPSS