CVE-2020-27621

The FileImporter extension in MediaWiki through 1.35.0 was not properly attributing various user actions to a specific user's IP address. Instead, for various actions, it would report the IP address of an internal Wikimedia Foundation server by omitting X-Forwarded-For data. This resulted in an...

Jfinal CMS 跨站脚本漏洞

Jfinal CMS is a powerful information consulting website developed in java, using the simple and powerful JFinal as the web framework, template engine with beetl, database with mysql, and front-end bootstrap framework. cross-site scripting vulnerability exists in Jfinal CMS v5.1.0. The vulnerabili...