VulnerableCode Package Details - pkg:maven/com.jfinal/jfinal@4.9.23

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/com.jfinal/jfinal@4.9.23

Essentials
History (32)

purl	pkg:maven/com.jfinal/jfinal@4.9.23

Next non-vulnerable version	5.1.1
Latest non-vulnerable version	5.1.1
Risk	4.0

Vulnerabilities affecting this package (32)

Vulnerability	Summary	Fixed by
VCID-1zbf-vz8c-6fdn Aliases: CVE-2023-50102 GHSA-p3ph-6245-4wfc		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-27b9-9wd8-nqb1 Aliases: CVE-2023-50137 GHSA-xv7p-jw46-8r85		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-2nyn-zg2q-kbcy Aliases: CVE-2024-22497 GHSA-qh2w-9m7w-hjg2	Cross Site Scripting (XSS) vulnerability in /admin/login password parameter in JFinalcms 5.0.0 allows attackers to run arbitrary code via crafted URL.	5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-354v-2fp3-gfdx Aliases: CVE-2023-49381 GHSA-r222-mcff-27ff		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-3nnf-d6rh-73gx Aliases: CVE-2023-49396 GHSA-882g-gjqp-9vjp		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-45ur-b829-rbgv Aliases: CVE-2023-49373 GHSA-cj7j-23wf-mhrx		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-5drm-1me6-6kcb Aliases: CVE-2023-49398 GHSA-mwvq-gc5w-m78f		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-5kw4-cjbh-1bdh Aliases: CVE-2023-49376 GHSA-w492-7g9m-j2ww		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-5yzu-2p73-2yg4 Aliases: CVE-2024-22492 GHSA-859h-4w58-78xw	A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save contact parameter, which allows remote attackers to inject arbitrary web script or HTML.	5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-6xjf-nmwh-2ygb Aliases: CVE-2023-50100 GHSA-3hf6-f8ch-5869		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-82p1-qbvu-efeg Aliases: CVE-2022-33113 GHSA-9pvq-4cc7-24jg	Cross-site Scripting in Jfinal CMS	5.1.1 Affected by 0 other vulnerabilities.
VCID-82qu-67k6-efgs Aliases: CVE-2023-49395 GHSA-8hch-q86g-j38w		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-b53k-vpxw-t3gh Aliases: CVE-2023-49375 GHSA-gfhv-xxqj-h323		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-cryu-7dxb-5ygn Aliases: CVE-2023-49397 GHSA-5f56-h6fg-rcrh		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-d7b4-d2ju-fkhj Aliases: CVE-2023-49487 GHSA-m42v-qv3c-h6j7		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-f296-yvy3-5kf9 Aliases: CVE-2023-49447 GHSA-32j2-c7mx-v4jj		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-gjny-2bdr-x3hb Aliases: CVE-2023-49377 GHSA-r6mg-fq87-gw34		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-mkjz-3rsc-qyd9 Aliases: CVE-2023-50449 GHSA-7x2g-4jvc-4x6p		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-mnj9-6xps-vfgs Aliases: CVE-2023-49372 GHSA-9wvj-wr2f-6mx6		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-p847-h143-mbdf Aliases: CVE-2023-49382 GHSA-6v55-h6m5-2352		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-pmnu-e15z-myhg Aliases: CVE-2023-49380 GHSA-765f-3mgx-24pw		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-q29x-aunb-47am Aliases: CVE-2023-49379 GHSA-r2wj-mxvh-wqfh		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-rkvt-wtkj-7fbm Aliases: CVE-2023-49486 GHSA-hjfp-2j7q-xmx4		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-s37r-ptss-euft Aliases: CVE-2023-49374 GHSA-r7w2-j96v-vw8m		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-sxvz-rf3y-yuef Aliases: CVE-2023-49446 GHSA-hv4c-v8j8-54cw		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-szda-c4tt-xfhk Aliases: CVE-2024-22496 GHSA-v435-pfj6-68r3	Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0 allows attackers to run arbitrary code via the /admin/login username parameter.	5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-uexx-rhq8-gue1 Aliases: CVE-2023-49378 GHSA-gw26-cchc-8f2f		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-vjtk-sz1r-4yem Aliases: CVE-2023-49485 GHSA-f2w8-4m48-5qrq	JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the column management department.	5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-x5b2-ryqc-tyfk Aliases: CVE-2023-49448 GHSA-pv3g-vc3q-8c9g		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-y9s5-n6we-byhn Aliases: CVE-2024-22493 GHSA-3j4x-9q9q-3277	A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save content parameter, which allows remote attackers to inject arbitrary web script or HTML.	5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-y9u5-hd6w-cbaz Aliases: CVE-2023-50101 GHSA-m3p6-43xj-pf9v	JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via Label management editing.	5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-yekz-6x9y-23e4 Aliases: CVE-2023-49383 GHSA-rq2q-hc6h-2px2		5.0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-12T19:17:15.979784+00:00	GitLab Importer	Affected by	VCID-2nyn-zg2q-kbcy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2024-22497.yml	38.6.0
2026-06-12T19:17:10.242334+00:00	GitLab Importer	Affected by	VCID-szda-c4tt-xfhk	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2024-22496.yml	38.6.0
2026-06-12T19:16:30.002414+00:00	GitLab Importer	Affected by	VCID-y9s5-n6we-byhn	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2024-22493.yml	38.6.0
2026-06-12T19:16:28.521284+00:00	GitLab Importer	Affected by	VCID-5yzu-2p73-2yg4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2024-22492.yml	38.6.0
2026-06-12T19:13:57.305509+00:00	GitLab Importer	Affected by	VCID-1zbf-vz8c-6fdn	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-50102.yml	38.6.0
2026-06-12T19:13:55.594058+00:00	GitLab Importer	Affected by	VCID-y9u5-hd6w-cbaz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-50101.yml	38.6.0
2026-06-12T19:13:55.299048+00:00	GitLab Importer	Affected by	VCID-6xjf-nmwh-2ygb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-50100.yml	38.6.0
2026-06-12T19:13:50.165948+00:00	GitLab Importer	Affected by	VCID-27b9-9wd8-nqb1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-50137.yml	38.6.0
2026-06-12T19:13:13.653579+00:00	GitLab Importer	Affected by	VCID-mkjz-3rsc-qyd9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-50449.yml	38.6.0
2026-06-12T19:13:09.461734+00:00	GitLab Importer	Affected by	VCID-vjtk-sz1r-4yem	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49485.yml	38.6.0
2026-06-12T19:13:09.015334+00:00	GitLab Importer	Affected by	VCID-d7b4-d2ju-fkhj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49487.yml	38.6.0
2026-06-12T19:13:08.599014+00:00	GitLab Importer	Affected by	VCID-rkvt-wtkj-7fbm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49486.yml	38.6.0
2026-06-12T19:12:59.678715+00:00	GitLab Importer	Affected by	VCID-gjny-2bdr-x3hb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49377.yml	38.6.0
2026-06-12T19:12:59.380778+00:00	GitLab Importer	Affected by	VCID-uexx-rhq8-gue1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49378.yml	38.6.0
2026-06-12T19:12:59.046535+00:00	GitLab Importer	Affected by	VCID-mnj9-6xps-vfgs	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49372.yml	38.6.0
2026-06-12T19:12:58.752456+00:00	GitLab Importer	Affected by	VCID-5drm-1me6-6kcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49398.yml	38.6.0
2026-06-12T19:12:58.472078+00:00	GitLab Importer	Affected by	VCID-45ur-b829-rbgv	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49373.yml	38.6.0
2026-06-12T19:12:58.179715+00:00	GitLab Importer	Affected by	VCID-x5b2-ryqc-tyfk	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49448.yml	38.6.0
2026-06-12T19:12:55.611044+00:00	GitLab Importer	Affected by	VCID-3nnf-d6rh-73gx	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49396.yml	38.6.0
2026-06-12T19:12:55.332378+00:00	GitLab Importer	Affected by	VCID-sxvz-rf3y-yuef	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49446.yml	38.6.0
2026-06-12T19:12:55.043291+00:00	GitLab Importer	Affected by	VCID-p847-h143-mbdf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49382.yml	38.6.0
2026-06-12T19:12:54.759262+00:00	GitLab Importer	Affected by	VCID-q29x-aunb-47am	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49379.yml	38.6.0
2026-06-12T19:12:54.187740+00:00	GitLab Importer	Affected by	VCID-yekz-6x9y-23e4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49383.yml	38.6.0
2026-06-12T19:12:53.879345+00:00	GitLab Importer	Affected by	VCID-cryu-7dxb-5ygn	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49397.yml	38.6.0
2026-06-12T19:12:53.494412+00:00	GitLab Importer	Affected by	VCID-82qu-67k6-efgs	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49395.yml	38.6.0
2026-06-12T19:12:53.170874+00:00	GitLab Importer	Affected by	VCID-s37r-ptss-euft	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49374.yml	38.6.0
2026-06-12T19:12:52.884964+00:00	GitLab Importer	Affected by	VCID-354v-2fp3-gfdx	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49381.yml	38.6.0
2026-06-12T19:12:51.834926+00:00	GitLab Importer	Affected by	VCID-pmnu-e15z-myhg	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49380.yml	38.6.0
2026-06-12T19:12:51.102342+00:00	GitLab Importer	Affected by	VCID-5kw4-cjbh-1bdh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49376.yml	38.6.0
2026-06-12T19:12:49.341458+00:00	GitLab Importer	Affected by	VCID-f296-yvy3-5kf9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49447.yml	38.6.0
2026-06-12T19:12:48.271436+00:00	GitLab Importer	Affected by	VCID-b53k-vpxw-t3gh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49375.yml	38.6.0
2026-06-12T18:26:52.995404+00:00	GitLab Importer	Affected by	VCID-82p1-qbvu-efeg	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2022-33113.yml	38.6.0