High severity7.2NVD Advisory· Published Jun 23, 2022· Updated Jun 17, 2026
CVE-2022-33114
CVE-2022-33114
Description
Jfinal CMS v5.1.0 was discovered to contain a SQL injection vulnerability via the attrVal parameter at /jfinal_cms/system/dict/list.
Affected products
2- Jfinal CMS/Jfinal CMSdescription
- Range: =5.1.0
Patches
Vulnerability mechanics
References
1- github.com/jflyfox/jfinal_cms/issues/38nvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.