CVE-2022-38281
CVE-2022-38281 affects JFinal CMS 5.1.0; the vulnerability is a SQL injection in the /admin/site/list endpoint. Root cause: unsafely built SQL queries using user input. Impact as stated: potential data disclosure or modification with high severity (per CVSS 3.1). Remediation guidance from PT-2022...