Name: Webswing
Author: Webswing

🔍 What is Webswing?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2024-39332

CRITICAL CVSS 9.8 Oct 31, 2024

CVE-2024-39332 is a critical path traversal vulnerability in Webswing 23.2.2 that allows remote attackers to modify client-side JavaScript to access and potentially modify server files, including shel...

CVE-2022-34914

CRITICAL CVSS 9.8 Jul 8, 2022

CVE-2022-34914 is an injection vulnerability in Webswing that allows attackers to manipulate the X-Forwarded-For header to inject arbitrary arguments into session startup parameters. This affects Webs...

CVE-2020-11103

CRITICAL CVSS 9.8 Dec 30, 2020

This vulnerability in Webswing's JsLink mechanism allows remote attackers to execute arbitrary code on affected servers. It affects Webswing installations before version 2.6.12 LTS, and versions 2.7.x...