Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache jackrabbit vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-37895
Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows malicious user to remotely execute code via RMIVersions up to (including) 2.20.10 (stable branch) and 2.21.17 (unstable branch) use the component "commons-beanutils", which contain...
Apache Jackrabbit
8.8
CVSSv3
CVE-2016-6801
Cross-site request forgery (CSRF) vulnerability in the CSRF content-type check in Jackrabbit-Webdav in Apache Jackrabbit 2.4.x prior to 2.4.6, 2.6.x prior to 2.6.6, 2.8.x prior to 2.8.3, 2.10.x prior to 2.10.4, 2.12.x prior to 2.12.4, and 2.13.x prior to 2.13.3 allows remote mali...
Apache Jackrabbit 2.13.0
Apache Jackrabbit 2.12.2
Apache Jackrabbit 2.10.1
Apache Jackrabbit 2.8.2
Apache Jackrabbit 2.6.4
Apache Jackrabbit 2.6.1
Apache Jackrabbit 2.13.2
Apache Jackrabbit 2.4.5
Apache Jackrabbit 2.4.4
Apache Jackrabbit 2.4.3
Apache Jackrabbit 2.4.2
Apache Jackrabbit 2.12.1
Apache Jackrabbit 2.12.0
Apache Jackrabbit 2.10.3
Apache Jackrabbit 2.10.2
Apache Jackrabbit 2.6.0
Apache Jackrabbit 2.4.1
Apache Jackrabbit 2.8.0
Apache Jackrabbit 2.4.0
Apache Jackrabbit 2.13.1
Apache Jackrabbit 2.12.3
Apache Jackrabbit 2.10.0
7.5
CVSSv3
CVE-2020-1940
The optional initial password change and password expiration features present in Apache Jackrabbit Oak 1.2.0 to 1.22.0 are prone to a sensitive information disclosure vulnerability. The code mandates the changed password to be passed as an additional attribute to the credentials ...
Apache Jackrabbit Oak
NA
CVE-2015-1833
XML external entity (XXE) vulnerability in Apache Jackrabbit prior to 2.0.6, 2.2.x prior to 2.2.14, 2.4.x prior to 2.4.6, 2.6.x prior to 2.6.6, 2.8.x prior to 2.8.1, and 2.10.x prior to 2.10.1 allows remote malicious users to read arbitrary files and send requests to intranet ser...
Apache Jackrabbit 2.2.10
Apache Jackrabbit 2.2.9
Apache Jackrabbit 2.2.0
Apache Jackrabbit 2.4.5
Apache Jackrabbit 2.6.4
Apache Jackrabbit 2.6.3
Apache Jackrabbit
Apache Jackrabbit 2.2.13
Apache Jackrabbit 2.2.5
Apache Jackrabbit 2.2.4
Apache Jackrabbit 2.4.2
Apache Jackrabbit 2.4.1
Apache Jackrabbit 2.8.0
Apache Jackrabbit 2.10.0
Apache Jackrabbit 2.2.12
Apache Jackrabbit 2.2.11
Apache Jackrabbit 2.2.2
Apache Jackrabbit 2.2.1
Apache Jackrabbit 2.4.0
Apache Jackrabbit 2.6.5
Apache Jackrabbit 2.2.8
Apache Jackrabbit 2.2.7
1 EDB exploit
4 Github repositories
NA
CVE-2009-0026
Multiple cross-site scripting (XSS) vulnerabilities in Apache Jackrabbit prior to 1.5.2 allow remote malicious users to inject arbitrary web script or HTML via the q parameter to (1) search.jsp or (2) swr.jsp.
Apache Jackrabbit 1.4
Apache Jackrabbit 1.5.0
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started