MidnightBSD

Advisories for jease

CVE-2012-4052 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Jease before 2.9, when creating a comment, allow remote attackers to inject arbitrary web script or HTML via the (1) author, (2) subject, or (3) comment parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
jease jease 1.8
jease jease 0.6
jease jease 2.7
jease jease 1.1
jease jease 0.2
jease jease 1.9
jease jease 1.3
jease jease 2.9
jease jease 0.1
jease jease 1.5
jease jease 0.3
jease jease 0.5
jease jease 0.4
jease jease 2.3
jease jease 0.8
jease jease 2.1
jease jease 1.2
jease jease 2.2
jease jease 1.4
jease jease 2.4
jease jease 0.9
jease jease 2.0
jease jease *
jease jease 2.5
jease jease 1.7
jease jease 1.6
jease jease 0.7
jease jease 2.6
jease jease 1.0
CVE-2014-8780 LOW

Cross-site scripting (XSS) vulnerability in Jease 2.11 allows remote authenticated users to inject arbitrary web script or HTML via a content section note.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
jease jease 2.11