Description
JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via Label management editing.
Remediation
References
https://github.com/Jarvis-616/cms/blob/master/Label%20management%20editing%20with%20stored%20XSS.md
Related Vulnerabilities
CVE-2018-16481 Vulnerability in npm package html-pages
CVE-2021-21341 Vulnerability in maven package com.thoughtworks.xstream:xstream
CVE-2023-29206 Vulnerability in maven package org.xwiki.platform:xwiki-platform-skin-skinx
CVE-2023-29521 Vulnerability in maven package org.xwiki.platform:xwiki-platform-vfs-ui
CVE-2020-1938 Vulnerability in maven package org.apache.tomcat:tomcat-coyote