Lucene search
K

5 matches found

Veracode
Veracode
added 2022/06/27 9:59 a.m.20 views

Cross-site Scripting (XSS)

com.jfinal:jfinal is vulnerable to cross-site scriptingXSS attacks. A remote attacker is able to inject and execute arbitrary javascript via a crafted payload injected into the keyword text field under the publish blog module...

5.4CVSS5.8AI score0.00486EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/06/24 12:0 a.m.5 views

GHSA-9PVQ-4CC7-24JG Cross-site Scripting in Jfinal CMS

Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the publish blog module...

5.4CVSS6.1AI score0.00486EPSS
Exploits1References2
Prion
Prion
added 2022/06/23 5:15 p.m.16 views

Design/Logic Flaw

Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the publish blog module...

3.5CVSS5.7AI score0.00486EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/06/23 12:44 p.m.44 views

CVE-2022-33113

Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the publish blog module...

6AI score0.00486EPSS
Exploits1References1
OSV
OSV
added 2022/06/23 12:44 p.m.19 views

CVE-2022-33113

Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the publish blog module...

5.4CVSS7AI score0.00486EPSS
Exploits1References3
Rows per page
Query Builder