CVE-2024-22492

Publication date

2024-01-12 00:00:00

Family

mitre

State

PUBLISHED

Description

A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save contact parameter, which allows remote attackers to inject arbitrary web script or HTML.