Description
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinal_cms/system/role/list.
Remediation
References
https://github.com/jflyfox/jfinal_cms/issues/49
Related Vulnerabilities
CVE-2023-30517 Vulnerability in maven package io.jenkins.plugins:neuvector-vulnerability-scanner
CVE-2023-45278 Vulnerability in maven package org.yamcs:yamcs-core
CVE-2022-23496 Vulnerability in maven package nl.basjes.parse.useragent:yauaa-flink-table
CVE-2022-45470 Vulnerability in maven package org.apache.hama:hama-core
CVE-2022-31777 Vulnerability in maven package org.apache.spark:spark-core_2.12