Moderate severityNVD Advisory· Published Jan 23, 2024· Updated Jun 5, 2025
CVE-2024-22496
CVE-2024-22496
Description
Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0 allows attackers to run arbitrary code via the /admin/login username parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.jfinal:jfinalMaven | <= 5.0.0 | — |
Affected products
2- JFinalcms/JFinalcmsdescription
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.