Lucene search
K

11 matches found

ATTACKERKB
ATTACKERKB
added 2022/08/25 7:15 p.m.3 views

CVE-2022-36527

Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the post title text field under the publish blog module...

5.4CVSS6.3AI score0.00413EPSS
Exploits1References2
NVD
NVD
added 2022/08/25 7:15 p.m.29 views

CVE-2022-36527

Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the post title text field under the publish blog module...

5.4CVSS0.00413EPSS
Exploits1References1
Prion
Prion
added 2022/08/25 7:15 p.m.17 views

Design/Logic Flaw

Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the post title text field under the publish blog module...

4.9CVSS5.7AI score0.00413EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/08/25 6:46 p.m.31 views

CVE-2022-36527

Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the post title text field under the publish blog module...

6AI score0.00413EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/08/25 12:0 a.m.4 views

jfinal cms 跨站脚本漏洞

jfinal cms is a java development of powerful information consulting website , using a simple and powerful JFinal as the web framework , template engine with beetl , database with mysql , front-end bootstrap framework . A security vulnerability exists in jfinal cms version v5.1.0, which stems from...

5.4CVSS5.9AI score0.00413EPSS
Exploits1References2
Veracode
Veracode
added 2022/06/27 9:59 a.m.20 views

Cross-site Scripting (XSS)

com.jfinal:jfinal is vulnerable to cross-site scriptingXSS attacks. A remote attacker is able to inject and execute arbitrary javascript via a crafted payload injected into the keyword text field under the publish blog module...

5.4CVSS5.8AI score0.00486EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/06/24 12:0 a.m.2 views

GHSA-9PVQ-4CC7-24JG Cross-site Scripting in Jfinal CMS

Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the publish blog module...

5.4CVSS6.1AI score0.00486EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2022/06/24 12:0 a.m.34 views

Cross-site Scripting in Jfinal CMS

Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the publish blog module...

5.4CVSS5.9AI score0.00486EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2022/06/23 5:15 p.m.34 views

CVE-2022-33113

Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the publish blog module...

5.4CVSS0.00486EPSS
Exploits1References1
OSV
OSV
added 2022/06/23 12:44 p.m.19 views

CVE-2022-33113

Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the publish blog module...

5.4CVSS7AI score0.00486EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/06/23 12:44 p.m.42 views

CVE-2022-33113

Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the publish blog module...

6AI score0.00486EPSS
Exploits1References1
Rows per page
Query Builder