CVE-2022-29648

A cross-site scripting (XSS) vulnerability in Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted X-Forwarded-For request.

Link	Resource
https://github.com/jflyfox/jfinal_cms/issues/34	Exploit Issue Tracking

Configuration 1

cpe:2.3:a:jflyfox:jfinal_cms:5.1.0:*:*:*:*:*:*:*

---

Published : 2022-06-02 02:15

Updated : 2022-06-09 07:55

---

NVD link : CVE-2022-29648

Mitre link : CVE-2022-29648

No products.

CWE-79