Vulnerabilities (CVE)

Filtered by vendor Eclipse Subscribe

Filtered by product Mojarra

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-6950	2 Eclipse, Oracle	9 Mojarra, Banking Enterprise Default Management, Banking Platform and 6 more	2022-05-12	4.3 MEDIUM	6.5 MEDIUM
Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter.
CVE-2019-17091	2 Eclipse, Oracle	2 Mojarra, Mojarra Javaserver Faces	2022-02-07	4.3 MEDIUM	6.1 MEDIUM
faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled.