Description
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/update.
Remediation
References
https://github.com/li-yu320/cms/blob/main/There%20is%20CSRF%20in%20the%20rotation%20image%20editing%20section.md
Related Vulnerabilities
CVE-2019-10747 Vulnerability in npm package set-value
CVE-2023-41329 Vulnerability in maven package com.github.tomakehurst:wiremock-jre8
CVE-2023-49396 Vulnerability in maven package com.jfinal:jfinal
CVE-2021-32730 Vulnerability in maven package org.xwiki.platform:xwiki-platform-administration-ui
CVE-2021-23397 Vulnerability in npm package @ianwalter/merge