CVE-2022-29648
CVE-2022-29648 concerns Jfinal CMS v5.1.0 and describes a cross-site scripting (XSS) vulnerability that allows an attacker to execute arbitrary web scripts or HTML by crafting the X-Forwarded-For header. The available connected documents consistently state the issue as XSS in X-Forwarded-For hand...