SOS : Security Vulnerabilities, CVEs,

CVE-2014-5393

Directory traversal vulnerability in the JobScheduler Operations Center (JOC) in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote authenticated users with the info permission to read arbitrary files in the webroot via unspecified vectors.
Max CVSS
4.0
EPSS Score
0.47%
Published
2014-09-11
Updated
2018-10-09

CVE-2014-5392

XML External Entity (XXE) vulnerability in JobScheduler before 1.6.4246 and 7.x before 1.7.4241 allows remote attackers to cause a denial of service and read arbitrary files or directories via a request containing an XML external entity declaration in conjunction with an entity reference.
Max CVSS
5.8
EPSS Score
0.48%
Published
2014-09-23
Updated
2018-10-09

CVE-2014-5391

Cross-site scripting (XSS) vulnerability in the JobScheduler Operations Center (JOC) in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote attackers to inject arbitrary web script or HTML via the hash property (location.hash).
Max CVSS
4.3
EPSS Score
0.29%
Published
2014-09-11
Updated
2018-10-09
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close