Vulnerabilities (CVE)

Filtered by vendor Jizhicms Subscribe

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-21228	1 Jizhicms	1 Jizhicms	2021-10-07	4.3 MEDIUM	6.1 MEDIUM
JIZHICMS 1.5.1 contains a cross-site scripting (XSS) vulnerability in the component /user/release.html, which allows attackers to arbitrarily add an administrator cookie.
CVE-2020-23644	1 Jizhicms	1 Jizhicms	2021-01-13	4.3 MEDIUM	6.1 MEDIUM
XSS exists in JIZHICMS 1.7.1 via index.php/Error/index?msg={XSS] to Home/c/ErrorController.php.
CVE-2020-23643	1 Jizhicms	1 Jizhicms	2021-01-13	4.3 MEDIUM	6.1 MEDIUM
XSS exists in JIZHICMS 1.7.1 via index.php/Wechat/checkWeixin?signature=1&echostr={XSS] to Home/c/WechatController.php.