CVE-2022-26247

CVE-2022-26247 pertains to TMS v2.28.0, where an insecure permission on the component /TMS/admin/user/Update2 allows an attacker to modify the administrator account and password. The vulnerability is documented across multiple sources (NVD, Red Hat, OSV, CVELIST, etc.). The available descriptions...

CVE-2023-50630

CVE-2023-50630 : The connected documents confirm a Cross Site Scripting (XSS) vulnerability in xiweicheng TMS v2.28.0 . A remote attacker can execute arbitrary code through a crafted script to the “click here” function. The details do not provide concrete exploit steps, affected components beyond...