Every CVE whose affected-product data names Ujcms Jspxcms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2022-23329 — CVSS 9.8 (critical): A vulnerability in ${"freemarker.template.utility.Execute"?new() of UJCMS Jspxcms v10.2.0 allows attackers to execute arbitrary commands…
CVE-2022-28090 — CVSS 6.5 (medium): Jspxcms v10.2.0 allows attackers to execute a Server-Side Request Forgery (SSRF) via /cmscp/ext/collect/fetch_url.do?url=.
CVE-2025-25772 — CVSS 5.1 (medium): A Cross-Site Request Forgery (CSRF) in the component /back/UserController.java of Jspxcms v9.0 to v9.5 allows attackers to arbitrarily add…
CVE-2024-0599 — CVSS 3.5 (low): A vulnerability was found in Jspxcms 10.2.0. It has been declared as problematic. Affected by this vulnerability is an unknown…
CVE-2024-1256 — CVSS 3.5 (low): A vulnerability was found in Jspxcms 10.2.0 and classified as problematic. This issue affects some unknown processing of the file…
CVE-2024-1257 — CVSS 3.5 (low): A vulnerability was found in Jspxcms 10.2.0. It has been classified as problematic. Affected is an unknown function of the file…