CVE-2023-22975
- Reference to the description:
- Description:
- A cross-site scripting (XSS) vulnerability in JFinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter under /front/person/profile.html.
- Last updated date:
- 03/08/2024
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 02/09/2023
- Reference url to background