CVE-2023-24747: XSS
First published: Wed Apr 05 2023(Updated: )
Jfinal CMS v5.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /system/dict/list.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Jflyfox Jfinal Cms | =5.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of Jfinal CMS?
The vulnerability ID of Jfinal CMS is CVE-2023-24747.
What is the severity level of CVE-2023-24747?
The severity level of CVE-2023-24747 is medium (5.4).
How does the XSS vulnerability in Jfinal CMS occur?
The XSS vulnerability in Jfinal CMS occurs via the component /system/dict/list.
Which version of Jfinal CMS is affected by CVE-2023-24747?
Version 5.1 of Jfinal CMS is affected by CVE-2023-24747.
Is there a fix available for the XSS vulnerability in Jfinal CMS?
Yes, there may be fixes available for the XSS vulnerability in Jfinal CMS. Please refer to the provided reference for more information.
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/jflyfox
- canonical/jflyfox jfinal cms
- version/jflyfox jfinal cms/5.1