VYPR

JOC Cockpit

by sos-berlin

CVEs (1)

  • CVE-2023-37272MedJul 13, 2023
    risk 0.41cvss 6.3epss 0.00

    JS7 is an Open Source Job Scheduler. Users specify file names when uploading files holding user-generated documentation for JOC Cockpit. Specifically crafted file names allow an XSS attack to inject code that is executed with the browser. Risk of the vulnerability is considered…