JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) in the site management office.
jfinalcms project jfinalcms 5.0.0