Description
JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the navigation management department.
Remediation
References
https://github.com/Rabb1ter/cms/blob/main/There%20is%20a%20stored%20XSS%20in%20the%20navigation%20management%20office.md
Related Vulnerabilities
CVE-2018-16487 Vulnerability in maven package org.webjars.npm:lodash
CVE-2022-39353 Vulnerability in maven package org.webjars.npm:xmldom
CVE-2022-25885 Vulnerability in npm package hummus
CVE-2019-1003054 Vulnerability in maven package info.bluefloyd.jenkins:jenkins-jira-issue-updater
CVE-2017-15701 Vulnerability in maven package org.apache.qpid:qpid-broker