Moderate severityNVD Advisory· Published Jan 23, 2024· Updated May 30, 2025
CVE-2024-22497
CVE-2024-22497
Description
Cross Site Scripting (XSS) vulnerability in /admin/login password parameter in JFinalcms 5.0.0 allows attackers to run arbitrary code via crafted URL.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.jfinal:jfinalMaven | <= 5.0.0 | — |
Affected products
2- JFinalcms/JFinalcmsdescription
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.