Description
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/update.
Remediation
References
https://github.com/li-yu320/cms/blob/main/There%20is%20CSRF%20in%20the%20rotation%20image%20editing%20section.md
Related Vulnerabilities
CVE-2017-16197 Vulnerability in npm package qinserve
CVE-2019-18818 Vulnerability in npm package strapi
CVE-2019-1010091 Vulnerability in npm package tinymce
CVE-2018-12532 Vulnerability in maven package org.richfaces:richfaces-a4j
CVE-2015-8862 Vulnerability in maven package org.webjars.bower:mustache