3 matches found
CVE-2023-49380
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/friendlink/delete...
CVE-2023-49380
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/friendlink/delete...
PT-2023-31195 · Jfinalcms · Jfinalcms
Name of the Vulnerable Software and Affected Versions: JFinalCMS version 5.0.0 Description: A Cross-Site Request Forgery CSRF issue was discovered in JFinalCMS. The vulnerability can be exploited via the "/admin/friend link/delete" API endpoint. Recommendations: For JFinalCMS version 5.0.0, as a...