Description
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/update.
Remediation
References
https://github.com/cui2shark/cms/blob/main/Modification%20of%20CSRF%20in%20Label%20Management.md
Related Vulnerabilities
CVE-2022-42466 Vulnerability in maven package org.apache.isis.viewer:isis-viewer-wicket-ui
CVE-2020-7690 Vulnerability in npm package jspdf
CVE-2017-16026 Vulnerability in npm package request
CVE-2022-39135 Vulnerability in maven package org.apache.calcite:calcite-core
CVE-2023-43123 Vulnerability in maven package org.apache.storm:storm-pmml-examples