Cross Site Scripting (XSS) in Jfinal CMS v4.7.1 and previous versions allows remote malicious users to execute arbitrary code via the 'Nickname' parameter in the component '/jfinal_cms/front/person/profile.html'.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jflyfox jfinal cms |