Primetek Primefaces vulnerabilities
2 known vulnerabilities affecting primetek/primefaces.
Total CVEs
2
CISA KEV
1
actively exploited
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2017-1000486P1CRITICALCVSS 9.8KEVPoC≥ 4.0, ≤ 4.0.24≥ 5.0, < 5.2.21+1 more2018-01-03
CVE-2017-1000486 [CRITICAL] CWE-326 CVE-2017-1000486: Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution
Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution
nvd
CVE-2020-10544P4MEDIUMCVSS 6.1v7.0.112020-03-13
CVE-2020-10544 [MEDIUM] CWE-79 CVE-2020-10544: An XSS issue was discovered in tooltip/tooltip.js in PrimeTek PrimeFaces 7.0.11. In a web applicatio
An XSS issue was discovered in tooltip/tooltip.js in PrimeTek PrimeFaces 7.0.11. In a web application using PrimeFaces, an attacker can provide JavaScript code in an input field whose data is later used as a tooltip title without any input validation.
ghsanvdosv