jcore/portal/ajaxPortal.jsp in Jalios JCMS 10.0.2 build-20200224104759 allows XSS via the types parameter. Note: It is asserted that this vulnerability is not present in the standard installation of Jalios JCMS
References
Link | Resource |
---|---|
https://github.com/Da2Duo | Not Applicable |
https://pastebin.com/KSJJu5Nx | Exploit Third Party Advisory |
https://twitter.com/joker2a1 | Not Applicable Third Party Advisory |
https://www.jalios.com/jcms/j_6/en/home | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-07-17T17:35:05
Updated: 2020-07-29T13:02:16
Reserved: 2020-07-01T00:00:00
Link: CVE-2020-15497
JSON object: View
NVD Information
Status : Modified
Published: 2020-07-17T18:15:12.783
Modified: 2024-05-17T01:43:24.893
Link: CVE-2020-15497
JSON object: View
Redhat Information
No data.
CWE