Cross-Site Request Forgery in JFinalCMS via /admin/div/update

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/div/update...

CVE-2023-49381

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/div/update...

Cross site request forgery (csrf)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/div/update...

PT-2023-31196 · Jfinalcms · Jfinalcms

Name of the Vulnerable Software and Affected Versions: JFinalCMS version 5.0.0 Description: A Cross-Site Request Forgery CSRF issue was found in JFinalCMS via the "/admin/div/update" API endpoint. This allows an attacker to perform unintended actions on the application. Recommendations: For...

JFinalCMS Security Vulnerability

JFinalCMS is a content management system by heyewei individual developer. A security vulnerability exists in JFinalCMS v5.0.0, which originates from a cross-site request forgery vulnerability in the /admin/div/update component...