7 matches found
CVE-2023-24747
Jfinal CMS v5.1 was discovered to contain a cross-site scripting XSS vulnerability via the component /system/dict/list...
CVE-2023-24747
Jfinal CMS v5.1 was discovered to contain a cross-site scripting XSS vulnerability via the component /system/dict/list...
Cross site scripting
Jfinal CMS v5.1 was discovered to contain a cross-site scripting XSS vulnerability via the component /system/dict/list...
jfinal cms 跨站脚本漏洞
jfinal cms is a java development of powerful information consulting website , using the simple and powerful JFinal as the web framework , template engine with beetl , database with mysql , front-end bootstrap framework . A security vulnerability exists in jfinal cms version 5.1, which originates...
PT-2023-19764 · Jfinalcms · Jfinalcms
Name of the Vulnerable Software and Affected Versions: Jfinal CMS version 5.1 Description: A cross-site scripting XSS issue was found in Jfinal CMS via the component "/system/dict/list". This component is an API endpoint that is susceptible to XSS attacks. Recommendations: For Jfinal CMS version...
CVE-2022-33114
Jfinal CMS v5.1.0 was discovered to contain a SQL injection vulnerability via the attrVal parameter at /jfinalcms/system/dict/list...
Jfinal CMS SQL注入漏洞
Jfinal CMS is a java development of powerful information consulting website , using a simple and powerful JFinal as the web framework , template engine with beetl, database with mysql, front-end bootstrap framework. Jfinal CMS version v5.1.0 has a SQL injection vulnerability that originates from...