CVE-2022-38272
CVE-2022-38272 affects JFinal CMS 5.1.0, with SQL Injection via the /admin/article/list endpoint. The connected sources confirm the vulnerability but do not provide explicit root-cause details in the documents; exploitation status is not described. PT-Security notes recommend updating JFinal CMS ...