Improper Access Control in Jfinal CMS v4.7.1 and previous versions allows remote malicious users to obtain sensitive information or cause a denial of service via the 'FileManager.delete()' function in the component 'modules/filemanager/FileManagerController.java'.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jflyfox jfinal cms |