JFinalCMS Cross-Site Request Forgery Vulnerability (CNVD-2024-49644)
JFinalCMS is a content management system. A cross-site request forgery vulnerability exists in JFinalCMS version 1.0, which stems from the /admin/tag/save file not adequately verifying that a request comes from a trusted user. An attacker can exploit this vulnerability to forge a malicious reques...