Headline
GHSA-34j6-m83c-52x2: Jfinal Cross-site Scripting vulnerability
Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the post title text field under the publish blog module.
Jfinal Cross-site Scripting vulnerability
Moderate severity GitHub Reviewed Published Aug 26, 2022 • Updated Sep 1, 2022
Related news
CVE-2022-36527: XSS vulnerability1 in jfinal_cms 5.1.0 · Issue #45 · jflyfox/jfinal_cms
Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the post title text field under the publish blog module.