This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
Detail | |||
---|---|---|---|
Vendor | Primetek | First view | 2018-01-03 |
Product | Primefaces | Last view | 2020-03-13 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:a:primetek:primefaces:*:*:*:*:*:*:*:* | 1 |
cpe:2.3:a:primetek:primefaces:7.0.11:*:*:*:*:*:*:* | 1 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
6.1 | 2020-03-13 | CVE-2020-10544 | An XSS issue was discovered in tooltip/tooltip.js in PrimeTek PrimeFaces 7.0.11. In a web application using PrimeFaces, an attacker can provide JavaScript code in an input field whose data is later used as a tooltip title without any input validation. |
9.8 | 2018-01-03 | CVE-2017-1000486 | Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
50% (1) | CWE-326 | Inadequate Encryption Strength |
50% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |