Description
JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via carousel image editing.
Remediation
References
https://github.com/Jarvis-616/cms/blob/master/There%20is%20a%20storage%20type%20XSS%20for%20carousel%20image%20editing.md
Related Vulnerabilities
CVE-2023-49397 Vulnerability in maven package com.jfinal:jfinal
CVE-2020-12265 Vulnerability in maven package org.webjars.npm:decompress-tar
CVE-2019-9737 Vulnerability in maven package org.webjars.bower:editor.md
CVE-2021-33562 Vulnerability in maven package com.shopizer:shopizer
CVE-2021-23337 Vulnerability in maven package org.webjars:lodash