VulnerableCode Package Details - pkg:maven/com.jfinal/jfinal@5.0.1

Search for packages

Vulnerability	Summary	Fixed by
VCID-82p1-qbvu-efeg Aliases: CVE-2022-33113 GHSA-9pvq-4cc7-24jg	Cross-site Scripting in Jfinal CMS	5.1.1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-82p1-qbvu-efeg
Aliases:
CVE-2022-33113
GHSA-9pvq-4cc7-24jg

Cross-site Scripting in Jfinal CMS

5.1.1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-1zbf-vz8c-6fdn		CVE-2023-50102 GHSA-p3ph-6245-4wfc
VCID-27b9-9wd8-nqb1		CVE-2023-50137 GHSA-xv7p-jw46-8r85
VCID-2nyn-zg2q-kbcy	Cross Site Scripting (XSS) vulnerability in /admin/login password parameter in JFinalcms 5.0.0 allows attackers to run arbitrary code via crafted URL.	CVE-2024-22497 GHSA-qh2w-9m7w-hjg2
VCID-354v-2fp3-gfdx		CVE-2023-49381 GHSA-r222-mcff-27ff
VCID-3nnf-d6rh-73gx		CVE-2023-49396 GHSA-882g-gjqp-9vjp
VCID-45ur-b829-rbgv		CVE-2023-49373 GHSA-cj7j-23wf-mhrx
VCID-5drm-1me6-6kcb		CVE-2023-49398 GHSA-mwvq-gc5w-m78f
VCID-5kw4-cjbh-1bdh		CVE-2023-49376 GHSA-w492-7g9m-j2ww
VCID-5yzu-2p73-2yg4	A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save contact parameter, which allows remote attackers to inject arbitrary web script or HTML.	CVE-2024-22492 GHSA-859h-4w58-78xw
VCID-6xjf-nmwh-2ygb		CVE-2023-50100 GHSA-3hf6-f8ch-5869
VCID-82qu-67k6-efgs		CVE-2023-49395 GHSA-8hch-q86g-j38w
VCID-b53k-vpxw-t3gh		CVE-2023-49375 GHSA-gfhv-xxqj-h323
VCID-cryu-7dxb-5ygn		CVE-2023-49397 GHSA-5f56-h6fg-rcrh
VCID-d7b4-d2ju-fkhj		CVE-2023-49487 GHSA-m42v-qv3c-h6j7
VCID-f296-yvy3-5kf9		CVE-2023-49447 GHSA-32j2-c7mx-v4jj
VCID-gjny-2bdr-x3hb		CVE-2023-49377 GHSA-r6mg-fq87-gw34
VCID-mkjz-3rsc-qyd9		CVE-2023-50449 GHSA-7x2g-4jvc-4x6p
VCID-mnj9-6xps-vfgs		CVE-2023-49372 GHSA-9wvj-wr2f-6mx6
VCID-p847-h143-mbdf		CVE-2023-49382 GHSA-6v55-h6m5-2352
VCID-pmnu-e15z-myhg		CVE-2023-49380 GHSA-765f-3mgx-24pw
VCID-q29x-aunb-47am		CVE-2023-49379 GHSA-r2wj-mxvh-wqfh
VCID-rkvt-wtkj-7fbm		CVE-2023-49486 GHSA-hjfp-2j7q-xmx4
VCID-s37r-ptss-euft		CVE-2023-49374 GHSA-r7w2-j96v-vw8m
VCID-sxvz-rf3y-yuef		CVE-2023-49446 GHSA-hv4c-v8j8-54cw
VCID-szda-c4tt-xfhk	Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0 allows attackers to run arbitrary code via the /admin/login username parameter.	CVE-2024-22496 GHSA-v435-pfj6-68r3
VCID-uexx-rhq8-gue1		CVE-2023-49378 GHSA-gw26-cchc-8f2f
VCID-vjtk-sz1r-4yem	JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the column management department.	CVE-2023-49485 GHSA-f2w8-4m48-5qrq
VCID-x5b2-ryqc-tyfk		CVE-2023-49448 GHSA-pv3g-vc3q-8c9g
VCID-y9s5-n6we-byhn	A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save content parameter, which allows remote attackers to inject arbitrary web script or HTML.	CVE-2024-22493 GHSA-3j4x-9q9q-3277
VCID-y9u5-hd6w-cbaz	JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via Label management editing.	CVE-2023-50101 GHSA-m3p6-43xj-pf9v
VCID-yekz-6x9y-23e4		CVE-2023-49383 GHSA-rq2q-hc6h-2px2

Vulnerability

Summary

Aliases

VCID-1zbf-vz8c-6fdn

CVE-2023-50102
GHSA-p3ph-6245-4wfc

VCID-27b9-9wd8-nqb1

CVE-2023-50137
GHSA-xv7p-jw46-8r85

VCID-2nyn-zg2q-kbcy

Cross Site Scripting (XSS) vulnerability in /admin/login password parameter in JFinalcms 5.0.0 allows attackers to run arbitrary code via crafted URL.

CVE-2024-22497
GHSA-qh2w-9m7w-hjg2

VCID-354v-2fp3-gfdx

CVE-2023-49381
GHSA-r222-mcff-27ff

VCID-3nnf-d6rh-73gx

CVE-2023-49396
GHSA-882g-gjqp-9vjp

VCID-45ur-b829-rbgv

CVE-2023-49373
GHSA-cj7j-23wf-mhrx

VCID-5drm-1me6-6kcb

CVE-2023-49398
GHSA-mwvq-gc5w-m78f

VCID-5kw4-cjbh-1bdh

CVE-2023-49376
GHSA-w492-7g9m-j2ww

VCID-5yzu-2p73-2yg4

A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save contact parameter, which allows remote attackers to inject arbitrary web script or HTML.

CVE-2024-22492
GHSA-859h-4w58-78xw

VCID-6xjf-nmwh-2ygb

CVE-2023-50100
GHSA-3hf6-f8ch-5869

VCID-82qu-67k6-efgs

CVE-2023-49395
GHSA-8hch-q86g-j38w

VCID-b53k-vpxw-t3gh

CVE-2023-49375
GHSA-gfhv-xxqj-h323

VCID-cryu-7dxb-5ygn

CVE-2023-49397
GHSA-5f56-h6fg-rcrh

VCID-d7b4-d2ju-fkhj

CVE-2023-49487
GHSA-m42v-qv3c-h6j7

VCID-f296-yvy3-5kf9

CVE-2023-49447
GHSA-32j2-c7mx-v4jj

VCID-gjny-2bdr-x3hb

CVE-2023-49377
GHSA-r6mg-fq87-gw34

VCID-mkjz-3rsc-qyd9

CVE-2023-50449
GHSA-7x2g-4jvc-4x6p

VCID-mnj9-6xps-vfgs

CVE-2023-49372
GHSA-9wvj-wr2f-6mx6

VCID-p847-h143-mbdf

CVE-2023-49382
GHSA-6v55-h6m5-2352

VCID-pmnu-e15z-myhg

CVE-2023-49380
GHSA-765f-3mgx-24pw

VCID-q29x-aunb-47am

CVE-2023-49379
GHSA-r2wj-mxvh-wqfh

VCID-rkvt-wtkj-7fbm

CVE-2023-49486
GHSA-hjfp-2j7q-xmx4

VCID-s37r-ptss-euft

CVE-2023-49374
GHSA-r7w2-j96v-vw8m

VCID-sxvz-rf3y-yuef

CVE-2023-49446
GHSA-hv4c-v8j8-54cw

VCID-szda-c4tt-xfhk

Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0 allows attackers to run arbitrary code via the /admin/login username parameter.

CVE-2024-22496
GHSA-v435-pfj6-68r3

VCID-uexx-rhq8-gue1

CVE-2023-49378
GHSA-gw26-cchc-8f2f

VCID-vjtk-sz1r-4yem

JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the column management department.

CVE-2023-49485
GHSA-f2w8-4m48-5qrq

VCID-x5b2-ryqc-tyfk

CVE-2023-49448
GHSA-pv3g-vc3q-8c9g

VCID-y9s5-n6we-byhn

A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save content parameter, which allows remote attackers to inject arbitrary web script or HTML.

CVE-2024-22493
GHSA-3j4x-9q9q-3277

VCID-y9u5-hd6w-cbaz

JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via Label management editing.

CVE-2023-50101
GHSA-m3p6-43xj-pf9v

VCID-yekz-6x9y-23e4

CVE-2023-49383
GHSA-rq2q-hc6h-2px2

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-12T19:17:15.986438+00:00	GitLab Importer	Fixing	VCID-2nyn-zg2q-kbcy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2024-22497.yml	38.6.0
2026-06-12T19:17:10.249346+00:00	GitLab Importer	Fixing	VCID-szda-c4tt-xfhk	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2024-22496.yml	38.6.0
2026-06-12T19:16:30.009342+00:00	GitLab Importer	Fixing	VCID-y9s5-n6we-byhn	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2024-22493.yml	38.6.0
2026-06-12T19:16:28.528309+00:00	GitLab Importer	Fixing	VCID-5yzu-2p73-2yg4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2024-22492.yml	38.6.0
2026-06-12T19:13:57.312613+00:00	GitLab Importer	Fixing	VCID-1zbf-vz8c-6fdn	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-50102.yml	38.6.0
2026-06-12T19:13:55.600993+00:00	GitLab Importer	Fixing	VCID-y9u5-hd6w-cbaz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-50101.yml	38.6.0
2026-06-12T19:13:55.306725+00:00	GitLab Importer	Fixing	VCID-6xjf-nmwh-2ygb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-50100.yml	38.6.0
2026-06-12T19:13:50.172988+00:00	GitLab Importer	Fixing	VCID-27b9-9wd8-nqb1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-50137.yml	38.6.0
2026-06-12T19:13:13.660586+00:00	GitLab Importer	Fixing	VCID-mkjz-3rsc-qyd9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-50449.yml	38.6.0
2026-06-12T19:13:09.469565+00:00	GitLab Importer	Fixing	VCID-vjtk-sz1r-4yem	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49485.yml	38.6.0
2026-06-12T19:13:09.022358+00:00	GitLab Importer	Fixing	VCID-d7b4-d2ju-fkhj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49487.yml	38.6.0
2026-06-12T19:13:08.606122+00:00	GitLab Importer	Fixing	VCID-rkvt-wtkj-7fbm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49486.yml	38.6.0
2026-06-12T19:12:59.686086+00:00	GitLab Importer	Fixing	VCID-gjny-2bdr-x3hb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49377.yml	38.6.0
2026-06-12T19:12:59.388532+00:00	GitLab Importer	Fixing	VCID-uexx-rhq8-gue1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49378.yml	38.6.0
2026-06-12T19:12:59.054418+00:00	GitLab Importer	Fixing	VCID-mnj9-6xps-vfgs	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49372.yml	38.6.0
2026-06-12T19:12:58.759530+00:00	GitLab Importer	Fixing	VCID-5drm-1me6-6kcb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49398.yml	38.6.0
2026-06-12T19:12:58.478813+00:00	GitLab Importer	Fixing	VCID-45ur-b829-rbgv	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49373.yml	38.6.0
2026-06-12T19:12:58.186921+00:00	GitLab Importer	Fixing	VCID-x5b2-ryqc-tyfk	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49448.yml	38.6.0
2026-06-12T19:12:55.617766+00:00	GitLab Importer	Fixing	VCID-3nnf-d6rh-73gx	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49396.yml	38.6.0
2026-06-12T19:12:55.339437+00:00	GitLab Importer	Fixing	VCID-sxvz-rf3y-yuef	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49446.yml	38.6.0
2026-06-12T19:12:55.050162+00:00	GitLab Importer	Fixing	VCID-p847-h143-mbdf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49382.yml	38.6.0
2026-06-12T19:12:54.766175+00:00	GitLab Importer	Fixing	VCID-q29x-aunb-47am	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49379.yml	38.6.0
2026-06-12T19:12:54.194669+00:00	GitLab Importer	Fixing	VCID-yekz-6x9y-23e4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49383.yml	38.6.0
2026-06-12T19:12:53.886106+00:00	GitLab Importer	Fixing	VCID-cryu-7dxb-5ygn	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49397.yml	38.6.0
2026-06-12T19:12:53.501146+00:00	GitLab Importer	Fixing	VCID-82qu-67k6-efgs	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49395.yml	38.6.0
2026-06-12T19:12:53.177635+00:00	GitLab Importer	Fixing	VCID-s37r-ptss-euft	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49374.yml	38.6.0
2026-06-12T19:12:52.892310+00:00	GitLab Importer	Fixing	VCID-354v-2fp3-gfdx	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49381.yml	38.6.0
2026-06-12T19:12:51.841862+00:00	GitLab Importer	Fixing	VCID-pmnu-e15z-myhg	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49380.yml	38.6.0
2026-06-12T19:12:51.109357+00:00	GitLab Importer	Fixing	VCID-5kw4-cjbh-1bdh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49376.yml	38.6.0
2026-06-12T19:12:49.348467+00:00	GitLab Importer	Fixing	VCID-f296-yvy3-5kf9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49447.yml	38.6.0
2026-06-12T19:12:48.278678+00:00	GitLab Importer	Fixing	VCID-b53k-vpxw-t3gh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2023-49375.yml	38.6.0
2026-06-12T18:26:53.004818+00:00	GitLab Importer	Affected by	VCID-82p1-qbvu-efeg	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.jfinal/jfinal/CVE-2022-33113.yml	38.6.0