Com.jflyfox:jflyfox_jfinal
This hub aggregates every CVE we track for Com.jflyfox:jflyfox_jfinal, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
4
Critical
0
High
0
In CISA KEV
Severity distribution
CRITICAL4MEDIUM2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 6 most recently published vulnerabilities affecting Com.jflyfox:jflyfox_jfinal.
- CVE-2023-30349JFinal CMS v5.1.0 was discovered to contain a remote code execution (RCE) vulnerability via the ActionEnter function.9.8
- CVE-2022-36527Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the post title text field under the publish blog module.5.4
- CVE-2022-37223JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinal_cms/system/role/list.9.8
- CVE-2022-37199JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinal_cms/system/user/list.9.8
- CVE-2022-29648A cross-site scripting (XSS) vulnerability in Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted X-Forwarded-For request.5.4
- CVE-2022-30500Jfinal cms 5.1.0 is vulnerable to SQL Injection.9.8
Product normalization is registry-driven with AI assist and human review. How it works