PT-2024-19450 · Jfinalcms · Jfinalcms
Name of the Vulnerable Software and Affected Versions: JFinalcms version 5.0.0 Description: A stored XSS issue exists via the "/gusetbook/save" API endpoint, specifically through the content parameter, allowing remote attackers to inject arbitrary web script or HTML. Recommendations: For JFinalcm...