Description
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/slide/delete.
Remediation
References
https://github.com/li-yu320/cms/blob/main/There%20is%20a%20CSRF%20at%20the%20deletion%20point%20of%20the%20broadcast%20image.md
Related Vulnerabilities
CVE-2022-36899 Vulnerability in maven package com.compuware.jenkins:compuware-ispw-operations
CVE-2018-3766 Vulnerability in npm package buttle
CVE-2011-3190 Vulnerability in maven package org.apache.tomcat:coyote
CVE-2022-45855 Vulnerability in maven package org.apache.ambari:ambari
CVE-2022-4375 Vulnerability in maven package net.mingsoft:ms-mcms