) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
Search Parameters:
- Results Type: Overview
- Keyword (text search): PrimeFaces
- Search Type: Search All
- CPE Name Search: false
There are 2 matching records.
Displaying matches 1 through 2.
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2020-10544 |
An XSS issue was discovered in tooltip/tooltip.js in PrimeTek PrimeFaces 7.0.11. In a web application using PrimeFaces, an attacker can provide JavaScript code in an input field whose data is later used as a tooltip title without any input validation. Published: March 13, 2020; 11:15:11 AM -0400 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2017-1000486 |
Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution Published: January 03, 2018; 3:29:00 PM -0500 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |