2021-09-15 13:52:48
mitre
PUBLISHED
Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive infromation via the getFolder() function in the component /modules/filemanager/FileManager.java.