Medium severity5.4NVD Advisory· Published Apr 11, 2022· Updated Jun 17, 2026
CVE-2022-27111
CVE-2022-27111
Description
Jfinal_CMS 5.1.0 allows attackers to use the feedback function to send malicious XSS code to the administrator backend and execute it.
Affected products
2- Jfinal_CMS/Jfinal_CMSdescription
- Range: 5.1.0
Patches
Vulnerability mechanics
References
1- github.com/jflyfox/jfinal_cms/issues/32nvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.