2021-09-15 13:52:51
mitre
PUBLISHED
Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information via the FileManager.editFile() function in the component modules/filemanager/FileManagerController.java.