Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0 allows malicious users to run arbitrary code via the /admin/login username parameter.
jfinalcms project jfinalcms 5.0.0