Javaweb Blog Project Javaweb Blog — known CVE vulnerabilities
Every CVE whose affected-product data names Javaweb Blog Project Javaweb Blog, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-40037 — CVSS 9.8 (critical): An issue discovered in Rawchen blog-ssm v1.0 allows remote attacker to escalate privileges and execute arbitrary commands via the component…
CVE-2022-40034 — CVSS 5.4 (medium): Cross-Site Scripting (XSS) vulnerability found in Rawchen blog-ssm v1.0 allows attackers to execute arbitrary code via the 'notifyInfo'…