Filtered by vendor Eclipse
Subscriptions
Filtered by product Mojarra
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-6950 | 2 Eclipse, Oracle | 9 Mojarra, Banking Enterprise Default Management, Banking Platform and 6 more | 2022-05-12 | 6.5 Medium |
Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter. | ||||
CVE-2019-17091 | 2 Eclipse, Oracle | 23 Mojarra, Application Testing Suite, Banking Enterprise Product Manufacturing and 20 more | 2022-04-06 | 6.1 Medium |
faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled. | ||||
CVE-2018-14371 | 1 Eclipse | 1 Mojarra | 2018-09-17 | N/A |
The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter. A remote attacker can download configuration files or Java bytecodes from applications. |
Page 1 of 1.