Medium severity5.4NVD Advisory· Published Feb 5, 2020· Updated Jun 17, 2026
CVE-2020-6854
CVE-2020-6854
Description
A cross-site scripting (XSS) vulnerability in the JOC Cockpit component of SOS JobScheduler 1.11 and 1.13.2 allows attackers to inject arbitrary web script or HTML via JSON properties available from the REST API.
Affected products
2- SOS/JobSchedulerdescription
- Range: 1.11, 1.13.2
Patches
Vulnerability mechanics
References
1- change.sos-berlin.com/browse/JOC-854nvdIssue TrackingVendor Advisory
News mentions
0No linked articles in our index yet.