7.9 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.0%
Jfinalcms is vulnerable to Cross Site Scripting( XSS). The vulnerability is due to improper input validation in the friendship link component, allowing a remote attacker to execute arbitrary code through a crafted script.
github.com/yukino-hiki/CVE/blob/main/4/There%20is%20a%20stored%20xss%20at%20the%20friendship%20link.md