Improper Access Control in Jfinal CMS v4.7.1 and previous versions allows remote malicious users to obtain sensitive information via the 'FileManager.editFile()' function in the component 'modules/filemanager/FileManagerController.java'.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jflyfox jfinal cms |