Vulnerabilities > CVE-2021-31635 - Unspecified vulnerability in Jfinal 4.9.08

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

critical

NVD

Published: 2023-06-26

Updated: 2023-07-05

Summary

Server-Side Template Injection (SSTI) vulnerability in jFinal v.4.9.08 allows a remote attacker to execute arbitrary code via the template function.

Part	Description	Count
Application	Jfinal Jfinal Jfinal 4.9.08	1