Cross Site Scripting (XSS) in Jfinal CMS... CVE-2020-19148

3.5 AV AC AU C I A
发布: 2021-09-15
修订: 2024-11-21

Cross Site Scripting (XSS) in Jfinal CMS v4.7.1 and earlier allows remote attackers to execute arbitrary code via the 'Nickname' parameter in the component '/jfinal_cms/front/person/profile.html'.

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有1条受影响产品信息