CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

OSV•added 2024/01/12 6:30 p.m.•0 views

GHSA-3J4X-9Q9Q-3277 Cross-site Scripting in JFinal

A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save content parameter, which allows remote attackers to inject arbitrary web script or HTML...

5.4CVSS6AI score0.00129EPSS

Exploits1References2

OSV•added 2024/01/12 6:30 p.m.•0 views

GHSA-859H-4W58-78XW Cross-site Scripting in JFinal

A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save contact parameter, which allows remote attackers to inject arbitrary web script or HTML...

5.4CVSS6AI score0.00127EPSS

Exploits1References2

Positive Technologies•added 2024/01/12 12:0 a.m.•2 views

PT-2024-19451 · Jfinalcms · Jfinalcms

Name of the Vulnerable Software and Affected Versions: JFinalcms version 5.0.0 Description: A stored XSS issue exists, allowing remote attackers to inject arbitrary web script or HTML via the "/gusetbook/save" API endpoint, specifically through the mobile parameter. This enables attackers to...

5.4CVSS5.3AI score0.00054EPSS

Exploits1References5

CNNVD•added 2024/01/12 12:0 a.m.•1 views

JFinalCMS Cross-Site Scripting Vulnerability

JFinalCMS is a content management system by heyewei Personal Developer. A cross-site scripting vulnerability exists in JFinalCMS version 5.0.0, which originates from cross-site scripting via the /gusetbook/save content parameter, allowing remote attackers to inject arbitrary web script or HTML...

5.4CVSS6.1AI score0.00129EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by