VYPR

JE Messenger

by Harmis

CVEs (2)

  • CVE-2019-9918CriMar 29, 2019
    risk 0.59cvss 9.1epss 0.01

    An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Input does not get validated and queries are not written in a way to prevent SQL injection. Therefore arbitrary SQL-Statements can be executed in the database.

  • CVE-2019-9921MedMar 29, 2019
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to read information that should only be accessible by a different user.