Zkoss Zk Framework vulnerabilities
2 known vulnerabilities affecting zkoss/zk_framework.
Total CVEs
2
CISA KEV
1
actively exploited
Public exploits
1
Exploited in wild
1
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-36537P1HIGHCVSS 7.5KEVPoCRansomwarefixed in 8.6.4.2≥ 9.0.0, < 9.0.1.3+2 more2022-08-26
CVE-2022-36537 [HIGH] CVE-2022-36537: ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive info
ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader.
nvd
CVE-2013-5966P4MEDIUMCVSS 4.3≤ 5.0.12v5.0.0+12 more2013-11-20
CVE-2013-5966 [MEDIUM] CWE-79 CVE-2013-5966: Cross-site scripting (XSS) vulnerability in ZK Framework before 5.0.13 allows remote attackers to in
Cross-site scripting (XSS) vulnerability in ZK Framework before 5.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd