A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save contact parameter, which allows remote malicious users to inject arbitrary web script or HTML.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jfinalcms project jfinalcms 5.0.0 |