Vulnerabilities (CVE)

Filtered by vendor Jizhicms Subscribe
Filtered by product Jizhicms
Total 22 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-21228 1 Jizhicms 1 Jizhicms 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
JIZHICMS 1.5.1 contains a cross-site scripting (XSS) vulnerability in the component /user/release.html, which allows attackers to arbitrarily add an administrator cookie.
CVE-2019-17593 1 Jizhicms 1 Jizhicms 2024-11-21 6.8 MEDIUM 8.8 HIGH
JIZHICMS 1.5.1 allows admin.php/Admin/adminadd.html CSRF to add an administrator.