A cross-site scripting (XSS) vulnerability in Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted X-Forwarded-For request.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| com.jflyfox:jflyfox_jfinal(Maven) | 0 | N/A | N/A |
CVSS Metrics
