Description
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/update.
Remediation
References
https://github.com/li-yu320/cms/blob/main/There%20is%20CSRF%20in%20the%20rotation%20image%20editing%20section.md
Related Vulnerabilities
CVE-2022-21213 Vulnerability in npm package mout
CVE-2022-46907 Vulnerability in maven package org.apache.jspwiki:jspwiki-war
CVE-2016-10556 Vulnerability in npm package sequelize
CVE-2020-7642 Vulnerability in maven package org.webjars.bowergithub.afarkas:lazysizes
CVE-2018-3721 Vulnerability in maven package org.webjars.npm:lodash.merge