Description
JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via carousel image editing.
Remediation
References
https://github.com/Jarvis-616/cms/blob/master/There%20is%20a%20storage%20type%20XSS%20for%20carousel%20image%20editing.md
Related Vulnerabilities
CVE-2021-37694 Vulnerability in npm package @asyncapi/java-spring-cloud-stream-template
CVE-2022-2063 Vulnerability in npm package nocodb
CVE-2016-10735 Vulnerability in npm package bootstrap
CVE-2021-23400 Vulnerability in npm package nodemailer
CVE-2023-36820 Vulnerability in maven package io.micronaut.security:micronaut-security-oauth2