CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2024-1257 – Jspxcms find_text.do cross site scripting
https://notcve.org/view.php?id=CVE-2024-1257
A vulnerability was found in Jspxcms 10.2.0. It has been classified as problematic. Affected is an unknown function of the file /ext/collect/find_text.do. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. • https://github.com/sweatxi/BugHub/blob/main/find_text_do.pdf https://vuldb.com/?ctiid.252996 https://vuldb.com/?id.252996 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-1256 – Jspxcms filter_text.do cross site scripting
https://notcve.org/view.php?id=CVE-2024-1256
A vulnerability was found in Jspxcms 10.2.0 and classified as problematic. This issue affects some unknown processing of the file /ext/collect/filter_text.do. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/sweatxi/BugHub/blob/main/filter_txet_do.pdf https://vuldb.com/?ctiid.252995 https://vuldb.com/?id.252995 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-1200 – Jspxcms information disclosure
https://notcve.org/view.php?id=CVE-2024-1200
A vulnerability was found in Jspxcms 10.2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /template/1/default/. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/sweatxi/BugHub/blob/main/Nanchang%20Lanzhi%20Technology%20Co.pdf https://vuldb.com/?ctiid.252698 https://vuldb.com/?id.252698 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0721 – Jspxcms Survey Label cross site scripting
https://notcve.org/view.php?id=CVE-2024-0721
A vulnerability has been found in Jspxcms 10.2.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Survey Label Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/sweatxi/BugHub/blob/main/jspXCMS-%20Survey%20label.pdf https://vuldb.com/?ctiid.251545 https://vuldb.com/?id.251545 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0599 – Jspxcms Document Management Page InfoController.java cross site scripting
https://notcve.org/view.php?id=CVE-2024-0599
A vulnerability was found in Jspxcms 10.2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file src\main\java\com\jspxcms\core\web\back\InfoController.java of the component Document Management Page. The manipulation of the argument title leads to cross site scripting. The attack can be launched remotely. • https://github.com/sweatxi/BugHub/blob/main/Jspxcms.pdf https://vuldb.com/?ctiid.250837 https://vuldb.com/?id.250837 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •