White Jotter
by Antabot
Source repositories
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-60803 | Cri | 0.64 | 9.8 | 0.01 | Oct 24, 2025 | Antabot White-Jotter up to commit 9bcadc was discovered to contain an unauthenticated remote code execution (RCE) vulnerability via the component /api/aaa;/../register. | ||
| CVE-2025-8708 | Med | 0.33 | 5.0 | 0.00 | Aug 8, 2025 | A vulnerability was found in Antabot White-Jotter 0.22. It has been declared as critical. This vulnerability affects the function CookieRememberMeManager of the file ShiroConfiguration.java of the component com.gm.wj.config.ShiroConfiguration. The manipulation with the input… | ||
| CVE-2024-57176 | 0.00 | — | 0.00 | Feb 21, 2025 | An issue in the shiroFilter function of White-Jotter project v0.2.2 allows attackers to execute a directory traversal and access sensitive endpoints via a crafted URL. | |||
| CVE-2024-13032 | 0.00 | — | 0.01 | Dec 30, 2024 | A vulnerability classified as problematic was found in Antabot White-Jotter up to 0.2.2. Affected by this vulnerability is an unknown functionality of the file /admin/content/editor of the component Article Editor. The manipulation of the argument articleCover leads to… | |||
| CVE-2024-13031 | 0.00 | — | 0.00 | Dec 30, 2024 | A vulnerability classified as problematic has been found in Antabot White-Jotter up to 0.2.2. Affected is an unknown function of the file /admin/content/editor of the component Article Content Editor. The manipulation leads to cross site scripting. It is possible to launch the… | |||
| CVE-2024-13029 | 0.00 | — | 0.01 | Dec 29, 2024 | A vulnerability, which was classified as problematic, was found in Antabot White-Jotter up to 0.2.2. Affected is an unknown function of the file /admin/content/book of the component Edit Book Handler. The manipulation leads to server-side request forgery. It is possible to… | |||
| CVE-2024-13028 | 0.00 | — | 0.01 | Dec 29, 2024 | A vulnerability, which was classified as problematic, has been found in Antabot White-Jotter up to 0.2.2. This issue affects some unknown processing of the file /login. The manipulation of the argument username leads to observable response discrepancy. The attack may be… | |||
| CVE-2023-29635 | 0.00 | — | 0.01 | May 1, 2023 | File upload vulnerability in Antabot White-Jotter v0.2.2, allows remote attackers to execute malicious code via the file parameter to function coversUpload. |
- risk 0.64cvss 9.8epss 0.01
Antabot White-Jotter up to commit 9bcadc was discovered to contain an unauthenticated remote code execution (RCE) vulnerability via the component /api/aaa;/../register.
- risk 0.33cvss 5.0epss 0.00
A vulnerability was found in Antabot White-Jotter 0.22. It has been declared as critical. This vulnerability affects the function CookieRememberMeManager of the file ShiroConfiguration.java of the component com.gm.wj.config.ShiroConfiguration. The manipulation with the input…
- CVE-2024-57176Feb 21, 2025risk 0.00cvss —epss 0.00
An issue in the shiroFilter function of White-Jotter project v0.2.2 allows attackers to execute a directory traversal and access sensitive endpoints via a crafted URL.
- CVE-2024-13032Dec 30, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as problematic was found in Antabot White-Jotter up to 0.2.2. Affected by this vulnerability is an unknown functionality of the file /admin/content/editor of the component Article Editor. The manipulation of the argument articleCover leads to…
- CVE-2024-13031Dec 30, 2024risk 0.00cvss —epss 0.00
A vulnerability classified as problematic has been found in Antabot White-Jotter up to 0.2.2. Affected is an unknown function of the file /admin/content/editor of the component Article Content Editor. The manipulation leads to cross site scripting. It is possible to launch the…
- CVE-2024-13029Dec 29, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as problematic, was found in Antabot White-Jotter up to 0.2.2. Affected is an unknown function of the file /admin/content/book of the component Edit Book Handler. The manipulation leads to server-side request forgery. It is possible to…
- CVE-2024-13028Dec 29, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as problematic, has been found in Antabot White-Jotter up to 0.2.2. This issue affects some unknown processing of the file /login. The manipulation of the argument username leads to observable response discrepancy. The attack may be…
- CVE-2023-29635May 1, 2023risk 0.00cvss —epss 0.01
File upload vulnerability in Antabot White-Jotter v0.2.2, allows remote attackers to execute malicious code via the file parameter to function coversUpload.