Every CVE whose affected-product data names Jalios Jcms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2019-19033 — CVSS 9.8 (critical): Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor…
CVE-2020-15497 — CVSS 5.3 (medium): jcore/portal/ajaxPortal.jsp in Jalios JCMS 10.0.2 build-20200224104759 allows XSS via the types parameter. Note: It is asserted that this…