3 matches found
CVE-2022-27111
JfinalCMS 5.1.0 allows attackers to use the feedback function to send malicious XSS code to the administrator backend and execute it...
CVE-2022-27111
JfinalCMS 5.1.0 allows attackers to use the feedback function to send malicious XSS code to the administrator backend and execute it...
CVE-2022-27111
CVE-2022-27111 affects Jfinal_CMS 5.1.0. The vulnerability is a cross-site scripting (XSS) flaw where the feedback feature can be abused to send malicious code to the administrator backend and have it executed. Root cause suggested by CNVD/CVE sources points to improper handling of user-supplied ...