Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8
CVE-2024-39332
- EPSS 2.54%
- Published 31.10.2024 19:15:12
- Last modified 10.07.2025 19:35:36
Webswing 23.2.2 allows remote attackers to modify client-side JavaScript code to achieve path traversal, likely leading to remote code execution via modification of shell scripts on the server.
9.8
CVE-2022-34914
- EPSS 0.9%
- Published 08.07.2022 19:15:08
- Last modified 21.11.2024 07:10:25
Webswing before 22.1.3 allows X-Forwarded-For header injection. The client IP address is associated with a variable in the configuration page. The {clientIp} variable can be used as an application startup argument. The X-Forwarded-For header can be m...
9.8
CVE-2020-11103
- EPSS 1.32%
- Published 30.12.2020 21:15:12
- Last modified 21.11.2024 04:56:47
JsLink in Webswing before 2.6.12 LTS, and 2.7.x and 20.x before 20.1, allows remote code execution.
1