2021-09-15 13:52:49
mitre
PUBLISHED
Cross Site Scripting (XSS) in Jfinal CMS v4.7.1 and earlier allows remote attackers to execute arbitrary code via the Nickname parameter in the component /jfinal_cms/front/person/profile.html.