Headline
CVE-2023-24747: cve-2023-24747
Jfinal CMS v5.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /system/dict/list.
[cve ID]
cve-2023-24747
[PRODUCT]
JFINAl
[VERSION]
version < JFINAl_cms-5.1
[PROBLEM TYPE]
Cross Site Scripting
[DESCRIPTION]
Depositing a string into the database results in stored XSS