VYPR
Unrated severityNVD Advisory· Published Jan 16, 2025· Updated Jan 21, 2025

CVE-2024-57774

CVE-2024-57774

Description

A cross-site scripting (XSS) vulnerability in the getBusinessUploadListPage?busid interface of JFinalOA before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

Affected products

2
  • JFinalOA/JFinalOAdescription
  • Jfinal/Jfinalllm-fuzzy
    Range: <2025.01.01

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.