Medium severity5.4NVD Advisory· Published Jan 25, 2022· Updated Jun 17, 2026
CVE-2021-46087
CVE-2021-46087
Description
In jfinal_cms >= 5.1 0, there is a storage XSS vulnerability in the background system of CMS. Because developers do not filter the parameters submitted by the user input form, any user with background permission can affect the system security by entering malicious code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- jfinal_cms/jfinal_cmsdescription
- Range: >=5.1.0
Patches
Vulnerability mechanics
References
1- github.com/jflyfox/jfinal_cms/issues/19nvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.