Description
JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via Label management editing.
Remediation
References
https://github.com/Jarvis-616/cms/blob/master/Label%20management%20editing%20with%20stored%20XSS.md
Related Vulnerabilities
CVE-2020-13973 Vulnerability in maven package com.mikesamuel:json-sanitizer
CVE-2022-40152 Vulnerability in maven package com.fasterxml.woodstox:woodstox-core
CVE-2023-29523 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore
CVE-2021-21343 Vulnerability in maven package com.thoughtworks.xstream:xstream
CVE-2023-35165 Vulnerability in npm package @aws-cdk/aws-eks