2 matches found
CVE-2023-24747
Jfinal CMS v5.1 was discovered to contain a cross-site scripting XSS vulnerability via the component /system/dict/list...
CVE-2023-24747
CVE-2023-24747 affects Jfinal CMS v5.1, with a cross-site scripting (XSS) vulnerability exposed via the /system/dict/list endpoint. Public sources in the connected data confirm the issue is an XSS bug in that API component; no exploitation status is provided in the documents. The CVSSv3.1 base sc...