Filtered by vendor Eclipse Subscriptions
Filtered by product Mojarra Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-6950 3 Eclipse, Oracle, Redhat 14 Mojarra, Banking Enterprise Default Management, Banking Platform and 11 more 2024-11-21 6.5 Medium
Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter.
CVE-2019-17091 2 Eclipse, Oracle 23 Mojarra, Application Testing Suite, Banking Enterprise Product Manufacturing and 20 more 2024-11-21 6.1 Medium
faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled.
CVE-2018-14371 2 Eclipse, Redhat 4 Mojarra, Jboss Enterprise Application Platform, Jboss Enterprise Application Platform Cd and 1 more 2024-11-21 N/A
The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter. A remote attacker can download configuration files or Java bytecodes from applications.