Description
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinal_cms/system/user/list.
Remediation
References
https://github.com/jflyfox/jfinal_cms/issues/48
Related Vulnerabilities
CVE-2015-1370 Vulnerability in npm package marked
CVE-2020-11619 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2022-40955 Vulnerability in maven package org.apache.inlong:sort-connector-mysql-cdc
CVE-2019-10768 Vulnerability in npm package angular
CVE-2022-21126 Vulnerability in maven package com.github.samtools:htsjdk