Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sos-berlin jobscheduler vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-6854
A cross-site scripting (XSS) vulnerability in the JOC Cockpit component of SOS JobScheduler 1.11 and 1.13.2 allows malicious users to inject arbitrary web script or HTML via JSON properties available from the REST API.
Sos-berlin Jobscheduler 1.11
Sos-berlin Jobscheduler 1.13.2
6.5
CVSSv3
CVE-2020-6855
A large or infinite loop vulnerability in the JOC Cockpit component of SOS JobScheduler 1.11 and 1.13.2 allows malicious users to parameterize housekeeping jobs in a way that exhausts system resources and results in a denial of service.
Sos-berlin Jobscheduler 1.11
Sos-berlin Jobscheduler 1.13.2
6.5
CVSSv3
CVE-2020-6856
An XML External Entity (XEE) vulnerability exists in the JOC Cockpit component of SOS JobScheduler 1.12 and 1.13.2 allows malicious users to read files from the server via an entity declaration in any of the XML documents that are used to specify the run-time settings of jobs and...
Sos-berlin Jobscheduler 1.11
Sos-berlin Jobscheduler 1.13.2
5.4
CVSSv3
CVE-2023-37272
JS7 is an Open Source Job Scheduler. Users specify file names when uploading files holding user-generated documentation for JOC Cockpit. Specifically crafted file names allow an XSS attack to inject code that is executed with the browser. Risk of the vulnerability is considered h...
Sos-berlin Jobscheduler
7.5
CVSSv3
CVE-2020-12712
A vulnerability based on insecure user/password encryption in the JOE (job editor) component of SOS JobScheduler 1.12 and 1.13 allows malicious users to decrypt the user/password that is optionally stored with a user's profile.
Sos-berlin Jobscheduler
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started