Lucene search
GoogleOSV:CVE-2022-33113HistoryJun 23, 2022 - 5:15 p.m.
CVE-2022-33113
2022-06-2317:15:14
Google
osv.dev
2
Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the publish blog module.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jfinal_cms | eq | 1.4 | |
| jfinal_cms | eq | 3.1.0 | |
| jfinal_cms | eq | 5.1.0 | |
| jfinal_cms | eq | 2.6.0 | |
| jfinal_cms | eq | 4.1.4 | |
| jfinal_cms | eq | 1.2 | |
| jfinal_cms | eq | 2.8.0 | |
| jfinal_cms | eq | 4.1.2 | |
| jfinal_cms | eq | 5.0.1 | |
| jfinal_cms | eq | 2.4.0 |
References
Related
github
github
Cross-site Scripting in Jfinal CMS
2022-06-24 00:00:31
osv
osv
Cross-site Scripting in Jfinal CMS
2022-06-24 00:00:31
cnvd
cnvd
Jfinal CMS Cross-Site Scripting Vulnerability (CNVD-2022-58383)
2022-06-27 00:00:00
prion
prion
Design/Logic Flaw
2022-06-23 17:15:00
cvelist
cvelist
CVE-2022-33113
2022-06-23 12:44:59
cve
cve
CVE-2022-33113
2022-06-23 17:15:14
veracode
veracode
Cross-site Scripting (XSS)
2022-06-27 09:59:23
nvd
nvd
CVE-2022-33113
2022-06-23 17:15:14