Vulnerabilities > Jfinalcms Project > Jfinalcms > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-08 | CVE-2023-49485 | Cross-site Scripting vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the column management department. | 5.4 |
| 2023-12-08 | CVE-2023-49486 | Cross-site Scripting vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the model management department. | 5.4 |
| 2023-12-08 | CVE-2023-49487 | Cross-site Scripting vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the navigation management department. | 5.4 |
| 2023-09-19 | CVE-2023-41599 | Path Traversal vulnerability in Jfinalcms Project Jfinalcms 5.0.0 An issue in the component /common/DownController.java of JFinalCMS v5.0.0 allows attackers to execute a directory traversal. | 5.3 |