CVE-2024-57771

A cross-site scripting XSS vulnerability in the common/getEditPage?view interface of JFinalOA before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

PT-2025-3568 · Jfinaloa · Jfinaloa

Name of the Vulnerable Software and Affected Versions: JFinalOA versions prior to v2025.01.01 Description: A cross-site scripting XSS vulnerability in the "getBusinessUploadListPage?busid" interface of JFinalOA allows attackers to execute arbitrary web scripts or HTML via a crafted payload...