3 matches found
CVE-2023-51254
Cross Site Scripting vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the friendship link component...
CVE-2023-51254
Jfinalcms 5.0.0 is affected by a Cross Site Scripting (XSS) flaw in the friendship link component. The weakness stems from inadequate input validation, allowing a remote attacker to inject script and potentially execute arbitrary code. Documented by multiple sources (Veracode, CNNVD, OSV, Red Hat...
CVE-2023-51254
Cross Site Scripting vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the friendship link component...