Description
JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via Label management editing.
Remediation
References
https://github.com/Jarvis-616/cms/blob/master/Label%20management%20editing%20with%20stored%20XSS.md
Related Vulnerabilities
CVE-2023-36479 Vulnerability in maven package org.eclipse.jetty.ee8:jetty-ee8-servlets
CVE-2019-5483 Vulnerability in npm package seneca
CVE-2020-10650 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2023-38286 Vulnerability in maven package de.codecentric:spring-boot-admin-server
CVE-2010-0684 Vulnerability in maven package org.apache.activemq:activemq-web