CVE-2024-22492
CVE-2024-22492 describes a stored XSS vulnerability in JFinalCMS 5.0.0. The issue is exploitable via the /gusetbook/save contact parameter, allowing remote attackers to inject arbitrary web script or HTML. The CVE entry notes a network-based vector with low attack complexity and requires user int...