CVE-2023-49397
JFinalCMS v5.0.0 contains a CSRF vulnerability exploitable via the /admin/category/updateStatus endpoint. Root cause: Cross-Site Request Forgery on a sensitive admin action. Impact is described as high (CVSS v3.1: 8.8; Confidentiality, Integrity, Availability all High). Exploitation details are n...