Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/com.jfinal/jfinal@4.9.02

Type maven

Namespace com.jfinal

Name jfinal

Version 4.9.02

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 5.1.1

Latest_non_vulnerable_version 5.1.1

Affected_by_vulnerabilities

url VCID-112z-vk29-mqfp

vulnerability_id VCID-112z-vk29-mqfp

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-33348

reference_id

reference_type

scores

value	0.00201
scoring_system	epss
scoring_elements	0.42175
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-33348

reference_url

https://github.com/jfinal/jfinal/issues/188

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/jfinal/jfinal/issues/188

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-33348

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-33348

reference_url

https://github.com/advisories/GHSA-2c25-xfpq-8w9r

reference_id

GHSA-2c25-xfpq-8w9r

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-2c25-xfpq-8w9r

fixed_packages

url pkg:maven/com.jfinal/jfinal@4.9.11

purl pkg:maven/com.jfinal/jfinal@4.9.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zbf-vz8c-6fdn

vulnerability	VCID-27b9-9wd8-nqb1

vulnerability	VCID-2nyn-zg2q-kbcy

vulnerability	VCID-354v-2fp3-gfdx

vulnerability	VCID-3nnf-d6rh-73gx

vulnerability	VCID-45ur-b829-rbgv

vulnerability	VCID-5drm-1me6-6kcb

vulnerability	VCID-5kw4-cjbh-1bdh

vulnerability	VCID-5yzu-2p73-2yg4

vulnerability	VCID-6xjf-nmwh-2ygb

vulnerability	VCID-82p1-qbvu-efeg

vulnerability	VCID-82qu-67k6-efgs

vulnerability	VCID-b53k-vpxw-t3gh

vulnerability	VCID-cryu-7dxb-5ygn

vulnerability	VCID-d7b4-d2ju-fkhj

vulnerability	VCID-f296-yvy3-5kf9

vulnerability	VCID-gjny-2bdr-x3hb

vulnerability	VCID-mkjz-3rsc-qyd9

vulnerability	VCID-mnj9-6xps-vfgs

vulnerability	VCID-p847-h143-mbdf

vulnerability	VCID-pmnu-e15z-myhg

vulnerability	VCID-q29x-aunb-47am

vulnerability	VCID-rkvt-wtkj-7fbm

vulnerability	VCID-s37r-ptss-euft

vulnerability	VCID-sxvz-rf3y-yuef

vulnerability	VCID-szda-c4tt-xfhk

vulnerability	VCID-uexx-rhq8-gue1

vulnerability	VCID-vjtk-sz1r-4yem

vulnerability	VCID-x5b2-ryqc-tyfk

vulnerability	VCID-y9s5-n6we-byhn

vulnerability	VCID-y9u5-hd6w-cbaz

vulnerability	VCID-yekz-6x9y-23e4

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@4.9.11

aliases CVE-2021-33348, GHSA-2c25-xfpq-8w9r

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-112z-vk29-mqfp

url VCID-1zbf-vz8c-6fdn

vulnerability_id VCID-1zbf-vz8c-6fdn

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-50102

reference_id

reference_type

scores

value	0.00193
scoring_system	epss
scoring_elements	0.41187
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-50102

reference_url

https://github.com/Jarvis-616/cms/blob/master/Content%20data%20exists%20in%20storage%20XSS%20for%20editing.md

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/Jarvis-616/cms/blob/master/Content%20data%20exists%20in%20storage%20XSS%20for%20editing.md

reference_url

https://github.com/jfinal/jfinal

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/jfinal/jfinal

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-50102

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-50102

reference_url

https://github.com/advisories/GHSA-p3ph-6245-4wfc

reference_id

GHSA-p3ph-6245-4wfc

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-p3ph-6245-4wfc

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-50102, GHSA-p3ph-6245-4wfc

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1zbf-vz8c-6fdn

url VCID-27b9-9wd8-nqb1

vulnerability_id VCID-27b9-9wd8-nqb1

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-50137

reference_id

reference_type

scores

value	0.00107
scoring_system	epss
scoring_elements	0.28428
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-50137

reference_url

https://github.com/jfinal/jfinal

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/jfinal/jfinal

reference_url

https://github.com/yukino-hiki/CVE/blob/main/3/There%20is%20a%20storage%20type%20xss%20in%20the%20site%20management%20office.md

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/yukino-hiki/CVE/blob/main/3/There%20is%20a%20storage%20type%20xss%20in%20the%20site%20management%20office.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-50137

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-50137

reference_url

https://github.com/advisories/GHSA-xv7p-jw46-8r85

reference_id

GHSA-xv7p-jw46-8r85

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-xv7p-jw46-8r85

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-50137, GHSA-xv7p-jw46-8r85

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-27b9-9wd8-nqb1

url VCID-2nyn-zg2q-kbcy

vulnerability_id VCID-2nyn-zg2q-kbcy

summary Cross Site Scripting (XSS) vulnerability in /admin/login password parameter in JFinalcms 5.0.0 allows attackers to run arbitrary code via crafted URL.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-22497

reference_id

reference_type

scores

value	0.00125
scoring_system	epss
scoring_elements	0.31305
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-22497

reference_url

https://github.com/cui2shark/security/blob/main/%28JFinalcms%20admin-login-password%29%20.md

reference_id

%28JFinalcms%20admin-login-password%29%20.md

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-09T23:37:37Z/

url

https://github.com/cui2shark/security/blob/main/%28JFinalcms%20admin-login-password%29%20.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-22497

reference_id

CVE-2024-22497

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-22497

reference_url

https://github.com/advisories/GHSA-qh2w-9m7w-hjg2

reference_id

GHSA-qh2w-9m7w-hjg2

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-qh2w-9m7w-hjg2

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2024-22497, GHSA-qh2w-9m7w-hjg2

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2nyn-zg2q-kbcy

url VCID-354v-2fp3-gfdx

vulnerability_id VCID-354v-2fp3-gfdx

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49381

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50543
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49381

reference_url

https://github.com/cui2shark/cms/blob/main/CSRF%20exists%20at%20the%20modification%20point%20of%20the%20custom%20table.md

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cui2shark/cms/blob/main/CSRF%20exists%20at%20the%20modification%20point%20of%20the%20custom%20table.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49381

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49381

reference_url

https://github.com/advisories/GHSA-r222-mcff-27ff

reference_id

GHSA-r222-mcff-27ff

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-r222-mcff-27ff

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49381, GHSA-r222-mcff-27ff

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-354v-2fp3-gfdx

url VCID-3fcp-e5ym-m7ha

vulnerability_id VCID-3fcp-e5ym-m7ha

summary JFinal Java Deserialization Vulnerability

references

reference_url

http://note.youdao.com/noteshare?id=787ccbb8345dbd4a905aebe35f1d8aa8&sub=6C5C072C901949429EFD978405212FA4

reference_id

reference_type

scores

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://note.youdao.com/noteshare?id=787ccbb8345dbd4a905aebe35f1d8aa8&sub=6C5C072C901949429EFD978405212FA4

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-31649

reference_id

reference_type

scores

value	0.00405
scoring_system	epss
scoring_elements	0.61456
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-31649

reference_url

https://github.com/jfinal/jfinal/issues/184

reference_id

reference_type

scores

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/jfinal/jfinal/issues/184

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-31649

reference_id

CVE-2021-31649

reference_type

scores

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-31649

reference_url

https://github.com/advisories/GHSA-h3j8-fr5q-8rfr

reference_id

GHSA-h3j8-fr5q-8rfr

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-h3j8-fr5q-8rfr

fixed_packages

url pkg:maven/com.jfinal/jfinal@4.9.09

purl pkg:maven/com.jfinal/jfinal@4.9.09

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-112z-vk29-mqfp

vulnerability	VCID-1zbf-vz8c-6fdn

vulnerability	VCID-27b9-9wd8-nqb1

vulnerability	VCID-2nyn-zg2q-kbcy

vulnerability	VCID-354v-2fp3-gfdx

vulnerability	VCID-3nnf-d6rh-73gx

vulnerability	VCID-45ur-b829-rbgv

vulnerability	VCID-5drm-1me6-6kcb

vulnerability	VCID-5kw4-cjbh-1bdh

vulnerability	VCID-5yzu-2p73-2yg4

vulnerability	VCID-6xjf-nmwh-2ygb

vulnerability	VCID-82p1-qbvu-efeg

vulnerability	VCID-82qu-67k6-efgs

vulnerability	VCID-b53k-vpxw-t3gh

vulnerability	VCID-cryu-7dxb-5ygn

vulnerability	VCID-d7b4-d2ju-fkhj

vulnerability	VCID-f296-yvy3-5kf9

vulnerability	VCID-gjny-2bdr-x3hb

vulnerability	VCID-mkjz-3rsc-qyd9

vulnerability	VCID-mnj9-6xps-vfgs

vulnerability	VCID-p847-h143-mbdf

vulnerability	VCID-pmnu-e15z-myhg

vulnerability	VCID-q29x-aunb-47am

vulnerability	VCID-rkvt-wtkj-7fbm

vulnerability	VCID-s37r-ptss-euft

vulnerability	VCID-sxvz-rf3y-yuef

vulnerability	VCID-szda-c4tt-xfhk

vulnerability	VCID-uexx-rhq8-gue1

vulnerability	VCID-vjtk-sz1r-4yem

vulnerability	VCID-x5b2-ryqc-tyfk

vulnerability	VCID-y9s5-n6we-byhn

vulnerability	VCID-y9u5-hd6w-cbaz

vulnerability	VCID-yekz-6x9y-23e4

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@4.9.09

aliases CVE-2021-31649, GHSA-h3j8-fr5q-8rfr

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3fcp-e5ym-m7ha

url VCID-3nnf-d6rh-73gx

vulnerability_id VCID-3nnf-d6rh-73gx

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49396

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50543
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49396

reference_url

https://github.com/nightcloudos/new_cms/blob/main/CSRF%20exists%20at%20the%20newly%20added%20section%20of%20column%20management.md

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/nightcloudos/new_cms/blob/main/CSRF%20exists%20at%20the%20newly%20added%20section%20of%20column%20management.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49396

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49396

reference_url

https://github.com/advisories/GHSA-882g-gjqp-9vjp

reference_id

GHSA-882g-gjqp-9vjp

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-882g-gjqp-9vjp

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49396, GHSA-882g-gjqp-9vjp

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3nnf-d6rh-73gx

url VCID-45ur-b829-rbgv

vulnerability_id VCID-45ur-b829-rbgv

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49373

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50543
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49373

reference_url

https://github.com/jfinal/jfinal

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jfinal/jfinal

reference_url

https://github.com/li-yu320/cms/blob/main/There%20is%20a%20CSRF%20at%20the%20deletion%20point%20of%20the%20broadcast%20image.md

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/li-yu320/cms/blob/main/There%20is%20a%20CSRF%20at%20the%20deletion%20point%20of%20the%20broadcast%20image.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49373

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49373

reference_url

https://github.com/advisories/GHSA-cj7j-23wf-mhrx

reference_id

GHSA-cj7j-23wf-mhrx

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-cj7j-23wf-mhrx

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49373, GHSA-cj7j-23wf-mhrx

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-45ur-b829-rbgv

url VCID-5drm-1me6-6kcb

vulnerability_id VCID-5drm-1me6-6kcb

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49398

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50543
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49398

reference_url

https://github.com/nightcloudos/new_cms/blob/main/CSRF%20exists%20at%20the%20deletion%20point%20of%20column%20management.md

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/nightcloudos/new_cms/blob/main/CSRF%20exists%20at%20the%20deletion%20point%20of%20column%20management.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49398

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49398

reference_url

https://github.com/advisories/GHSA-mwvq-gc5w-m78f

reference_id

GHSA-mwvq-gc5w-m78f

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-mwvq-gc5w-m78f

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49398, GHSA-mwvq-gc5w-m78f

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5drm-1me6-6kcb

url VCID-5kw4-cjbh-1bdh

vulnerability_id VCID-5kw4-cjbh-1bdh

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49376

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50543
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49376

reference_url

https://github.com/cui2shark/cms/blob/main/Delete%20existing%20CSRF%20in%20label%20management.md

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cui2shark/cms/blob/main/Delete%20existing%20CSRF%20in%20label%20management.md

reference_url

https://github.com/jfinal/jfinal

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jfinal/jfinal

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49376

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49376

reference_url

https://github.com/advisories/GHSA-w492-7g9m-j2ww

reference_id

GHSA-w492-7g9m-j2ww

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-w492-7g9m-j2ww

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49376, GHSA-w492-7g9m-j2ww

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5kw4-cjbh-1bdh

url VCID-5yzu-2p73-2yg4

vulnerability_id VCID-5yzu-2p73-2yg4

summary A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save contact parameter, which allows remote attackers to inject arbitrary web script or HTML.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-22492

reference_id

reference_type

scores

value	0.00127
scoring_system	epss
scoring_elements	0.31626
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-22492

reference_url

https://github.com/cui2shark/security/blob/main/%28JFinalcms%20contact%20para%29A%20stored%20cross-site%20scripting%20%28XSS%29%20vulnerability%20was%20discovered%20in%20Jfinalcms%20contact%20para.md

reference_id

%28JFinalcms%20contact%20para%29A%20stored%20cross-site%20scripting%20%28XSS%29%20vulnerability%20was%20discovered%20in%20Jfinalcms%20contact%20para.md

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:25:20Z/

url

https://github.com/cui2shark/security/blob/main/%28JFinalcms%20contact%20para%29A%20stored%20cross-site%20scripting%20%28XSS%29%20vulnerability%20was%20discovered%20in%20Jfinalcms%20contact%20para.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-22492

reference_id

CVE-2024-22492

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-22492

reference_url

https://github.com/advisories/GHSA-859h-4w58-78xw

reference_id

GHSA-859h-4w58-78xw

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-859h-4w58-78xw

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2024-22492, GHSA-859h-4w58-78xw

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5yzu-2p73-2yg4

url VCID-6xjf-nmwh-2ygb

vulnerability_id VCID-6xjf-nmwh-2ygb

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-50100

reference_id

reference_type

scores

value	0.00107
scoring_system	epss
scoring_elements	0.28428
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-50100

reference_url

https://github.com/Jarvis-616/cms/blob/master/There%20is%20a%20storage%20type%20XSS%20for%20carousel%20image%20editing.md

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/Jarvis-616/cms/blob/master/There%20is%20a%20storage%20type%20XSS%20for%20carousel%20image%20editing.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-50100

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-50100

reference_url

https://github.com/advisories/GHSA-3hf6-f8ch-5869

reference_id

GHSA-3hf6-f8ch-5869

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-3hf6-f8ch-5869

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-50100, GHSA-3hf6-f8ch-5869

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6xjf-nmwh-2ygb

url VCID-82p1-qbvu-efeg

vulnerability_id VCID-82p1-qbvu-efeg

summary Cross-site Scripting in Jfinal CMS

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-33113

reference_id

reference_type

scores

value	0.00191
scoring_system	epss
scoring_elements	0.40949
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-33113

reference_url

https://github.com/jflyfox/jfinal_cms/issues/39

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/jflyfox/jfinal_cms/issues/39

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-33113

reference_id

CVE-2022-33113

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-33113

reference_url

https://github.com/advisories/GHSA-9pvq-4cc7-24jg

reference_id

GHSA-9pvq-4cc7-24jg

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9pvq-4cc7-24jg

fixed_packages

url	pkg:maven/com.jfinal/jfinal@5.1.1
purl	pkg:maven/com.jfinal/jfinal@5.1.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.1.1

aliases CVE-2022-33113, GHSA-9pvq-4cc7-24jg

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-82p1-qbvu-efeg

url VCID-82qu-67k6-efgs

vulnerability_id VCID-82qu-67k6-efgs

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49395

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50543
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49395

reference_url

https://github.com/nightcloudos/new_cms/blob/main/CSRF%20exists%20in%20the%20column%20management%20modification%20section.md

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/nightcloudos/new_cms/blob/main/CSRF%20exists%20in%20the%20column%20management%20modification%20section.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49395

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49395

reference_url

https://github.com/advisories/GHSA-8hch-q86g-j38w

reference_id

GHSA-8hch-q86g-j38w

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-8hch-q86g-j38w

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49395, GHSA-8hch-q86g-j38w

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-82qu-67k6-efgs

url VCID-b53k-vpxw-t3gh

vulnerability_id VCID-b53k-vpxw-t3gh

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49375

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50543
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49375

reference_url

https://github.com/cui2shark/cms/blob/main/There%20is%20CSRF%20in%20the%20modification%20of%20the%20friendship%20link.md

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cui2shark/cms/blob/main/There%20is%20CSRF%20in%20the%20modification%20of%20the%20friendship%20link.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49375

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49375

reference_url

https://github.com/advisories/GHSA-gfhv-xxqj-h323

reference_id

GHSA-gfhv-xxqj-h323

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-gfhv-xxqj-h323

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49375, GHSA-gfhv-xxqj-h323

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b53k-vpxw-t3gh

url VCID-cryu-7dxb-5ygn

vulnerability_id VCID-cryu-7dxb-5ygn

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49397

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50543
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49397

reference_url

https://github.com/nightcloudos/new_cms/blob/main/CSRF%20exists%20at%20the%20change%20of%20column%20management%20status.md

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/nightcloudos/new_cms/blob/main/CSRF%20exists%20at%20the%20change%20of%20column%20management%20status.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49397

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49397

reference_url

https://github.com/advisories/GHSA-5f56-h6fg-rcrh

reference_id

GHSA-5f56-h6fg-rcrh

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-5f56-h6fg-rcrh

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49397, GHSA-5f56-h6fg-rcrh

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cryu-7dxb-5ygn

url VCID-d7b4-d2ju-fkhj

vulnerability_id VCID-d7b4-d2ju-fkhj

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49487

reference_id

reference_type

scores

value	0.00098
scoring_system	epss
scoring_elements	0.26872
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49487

reference_url

https://github.com/jfinal/jfinal

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/jfinal/jfinal

reference_url

https://github.com/Rabb1ter/cms/blob/main/There%20is%20a%20stored%20XSS%20in%20the%20navigation%20management%20office.md

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/Rabb1ter/cms/blob/main/There%20is%20a%20stored%20XSS%20in%20the%20navigation%20management%20office.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49487

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49487

reference_url

https://github.com/advisories/GHSA-m42v-qv3c-h6j7

reference_id

GHSA-m42v-qv3c-h6j7

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-m42v-qv3c-h6j7

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49487, GHSA-m42v-qv3c-h6j7

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d7b4-d2ju-fkhj

url VCID-f296-yvy3-5kf9

vulnerability_id VCID-f296-yvy3-5kf9

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49447

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50543
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49447

reference_url

https://github.com/ysuzhangbin/cms/blob/main/CSRF%20exists%20at%20the%20navigation%20management%20modification%20location.md

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ysuzhangbin/cms/blob/main/CSRF%20exists%20at%20the%20navigation%20management%20modification%20location.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49447

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49447

reference_url

https://github.com/advisories/GHSA-32j2-c7mx-v4jj

reference_id

GHSA-32j2-c7mx-v4jj

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-32j2-c7mx-v4jj

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49447, GHSA-32j2-c7mx-v4jj

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f296-yvy3-5kf9

url VCID-gjny-2bdr-x3hb

vulnerability_id VCID-gjny-2bdr-x3hb

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49377

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50543
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49377

reference_url

https://github.com/cui2shark/cms/blob/main/Modification%20of%20CSRF%20in%20Label%20Management.md

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cui2shark/cms/blob/main/Modification%20of%20CSRF%20in%20Label%20Management.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49377

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49377

reference_url

https://github.com/advisories/GHSA-r6mg-fq87-gw34

reference_id

GHSA-r6mg-fq87-gw34

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-r6mg-fq87-gw34

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49377, GHSA-r6mg-fq87-gw34

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gjny-2bdr-x3hb

url VCID-mkjz-3rsc-qyd9

vulnerability_id VCID-mkjz-3rsc-qyd9

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-50449

reference_id

reference_type

scores

value	0.00123
scoring_system	epss
scoring_elements	0.3106
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-50449

reference_url

https://gitee.com/heyewei/JFinalcms/issues/I7WGC6

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://gitee.com/heyewei/JFinalcms/issues/I7WGC6

reference_url

https://github.com/jfinal/jfinal

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jfinal/jfinal

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-50449

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-50449

reference_url

https://github.com/advisories/GHSA-7x2g-4jvc-4x6p

reference_id

GHSA-7x2g-4jvc-4x6p

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-7x2g-4jvc-4x6p

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-50449, GHSA-7x2g-4jvc-4x6p

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mkjz-3rsc-qyd9

url VCID-mnj9-6xps-vfgs

vulnerability_id VCID-mnj9-6xps-vfgs

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49372

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50543
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49372

reference_url

https://github.com/jfinal/jfinal

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jfinal/jfinal

reference_url

https://github.com/li-yu320/cms/blob/main/There%20is%20a%20CSRF%20present%20at%20the%20new%20location%20of%20the%20rotation%20image.md

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/li-yu320/cms/blob/main/There%20is%20a%20CSRF%20present%20at%20the%20new%20location%20of%20the%20rotation%20image.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49372

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49372

reference_url

https://github.com/advisories/GHSA-9wvj-wr2f-6mx6

reference_id

GHSA-9wvj-wr2f-6mx6

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9wvj-wr2f-6mx6

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49372, GHSA-9wvj-wr2f-6mx6

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mnj9-6xps-vfgs

url VCID-p847-h143-mbdf

vulnerability_id VCID-p847-h143-mbdf

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49382

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50543
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49382

reference_url

https://github.com/cui2shark/cms/blob/main/CSRF%20exists%20at%20the%20deletion%20point%20of%20the%20custom%20table.md

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cui2shark/cms/blob/main/CSRF%20exists%20at%20the%20deletion%20point%20of%20the%20custom%20table.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49382

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49382

reference_url

https://github.com/advisories/GHSA-6v55-h6m5-2352

reference_id

GHSA-6v55-h6m5-2352

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-6v55-h6m5-2352

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49382, GHSA-6v55-h6m5-2352

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p847-h143-mbdf

url VCID-pmnu-e15z-myhg

vulnerability_id VCID-pmnu-e15z-myhg

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49380

reference_id

reference_type

scores

value	0.00281
scoring_system	epss
scoring_elements	0.51865
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49380

reference_url

https://github.com/cui2shark/cms/blob/main/There%20is%20a%20CSRF%20at%20the%20deletion%20point%20of%20the%20friendship%20link.md

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cui2shark/cms/blob/main/There%20is%20a%20CSRF%20at%20the%20deletion%20point%20of%20the%20friendship%20link.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49380

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49380

reference_url

https://github.com/advisories/GHSA-765f-3mgx-24pw

reference_id

GHSA-765f-3mgx-24pw

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-765f-3mgx-24pw

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49380, GHSA-765f-3mgx-24pw

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pmnu-e15z-myhg

url VCID-q29x-aunb-47am

vulnerability_id VCID-q29x-aunb-47am

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49379

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50543
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49379

reference_url

https://github.com/cui2shark/cms/blob/main/There%20is%20a%20CSRF%20in%20the%20new%20location%20of%20the%20friendship%20link.md

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cui2shark/cms/blob/main/There%20is%20a%20CSRF%20in%20the%20new%20location%20of%20the%20friendship%20link.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49379

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49379

reference_url

https://github.com/advisories/GHSA-r2wj-mxvh-wqfh

reference_id

GHSA-r2wj-mxvh-wqfh

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-r2wj-mxvh-wqfh

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49379, GHSA-r2wj-mxvh-wqfh

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q29x-aunb-47am

url VCID-rkvt-wtkj-7fbm

vulnerability_id VCID-rkvt-wtkj-7fbm

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49486

reference_id

reference_type

scores

value	0.00096
scoring_system	epss
scoring_elements	0.26538
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49486

reference_url

https://github.com/jfinal/jfinal

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/jfinal/jfinal

reference_url

https://github.com/Rabb1ter/cms/blob/main/There%20is%20a%20stored%20XSS%20in%20the%20model%20management%20department.md

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/Rabb1ter/cms/blob/main/There%20is%20a%20stored%20XSS%20in%20the%20model%20management%20department.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49486

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49486

reference_url

https://github.com/advisories/GHSA-hjfp-2j7q-xmx4

reference_id

GHSA-hjfp-2j7q-xmx4

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hjfp-2j7q-xmx4

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49486, GHSA-hjfp-2j7q-xmx4

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rkvt-wtkj-7fbm

url VCID-s37r-ptss-euft

vulnerability_id VCID-s37r-ptss-euft

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49374

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50543
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49374

reference_url

https://github.com/li-yu320/cms/blob/main/There%20is%20CSRF%20in%20the%20rotation%20image%20editing%20section.md

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/li-yu320/cms/blob/main/There%20is%20CSRF%20in%20the%20rotation%20image%20editing%20section.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49374

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49374

reference_url

https://github.com/advisories/GHSA-r7w2-j96v-vw8m

reference_id

GHSA-r7w2-j96v-vw8m

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-r7w2-j96v-vw8m

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49374, GHSA-r7w2-j96v-vw8m

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s37r-ptss-euft

url VCID-sxvz-rf3y-yuef

vulnerability_id VCID-sxvz-rf3y-yuef

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49446

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50543
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49446

reference_url

https://github.com/ysuzhangbin/cms/blob/main/There%20is%20a%20CSRF%20in%20the%20newly%20added%20navigation%20management%20area.md

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ysuzhangbin/cms/blob/main/There%20is%20a%20CSRF%20in%20the%20newly%20added%20navigation%20management%20area.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49446

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49446

reference_url

https://github.com/advisories/GHSA-hv4c-v8j8-54cw

reference_id

GHSA-hv4c-v8j8-54cw

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hv4c-v8j8-54cw

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49446, GHSA-hv4c-v8j8-54cw

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sxvz-rf3y-yuef

url VCID-szda-c4tt-xfhk

vulnerability_id VCID-szda-c4tt-xfhk

summary Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0 allows attackers to run arbitrary code via the /admin/login username parameter.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-22496

reference_id

reference_type

scores

value	0.00125
scoring_system	epss
scoring_elements	0.31305
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-22496

reference_url

https://github.com/cui2shark/security/blob/main/%28JFinalcms%20admin-login-username%29%20.md

reference_id

%28JFinalcms%20admin-login-username%29%20.md

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T10:39:09Z/

url

https://github.com/cui2shark/security/blob/main/%28JFinalcms%20admin-login-username%29%20.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-22496

reference_id

CVE-2024-22496

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-22496

reference_url

https://github.com/advisories/GHSA-v435-pfj6-68r3

reference_id

GHSA-v435-pfj6-68r3

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-v435-pfj6-68r3

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2024-22496, GHSA-v435-pfj6-68r3

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-szda-c4tt-xfhk

url VCID-uexx-rhq8-gue1

vulnerability_id VCID-uexx-rhq8-gue1

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49378

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50543
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49378

reference_url

https://github.com/cui2shark/cms/blob/main/CSRF%20exists%20at%20the%20creation%20location%20of%20the%20custom%20table.md

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cui2shark/cms/blob/main/CSRF%20exists%20at%20the%20creation%20location%20of%20the%20custom%20table.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49378

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49378

reference_url

https://github.com/advisories/GHSA-gw26-cchc-8f2f

reference_id

GHSA-gw26-cchc-8f2f

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-gw26-cchc-8f2f

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49378, GHSA-gw26-cchc-8f2f

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uexx-rhq8-gue1

url VCID-vjtk-sz1r-4yem

vulnerability_id VCID-vjtk-sz1r-4yem

summary JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the column management department.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49485

reference_id

reference_type

scores

value	0.00098
scoring_system	epss
scoring_elements	0.26872
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49485

reference_url

https://github.com/jfinal/jfinal

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/jfinal/jfinal

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49485

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49485

reference_url

https://github.com/advisories/GHSA-f2w8-4m48-5qrq

reference_id

GHSA-f2w8-4m48-5qrq

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-f2w8-4m48-5qrq

reference_url

https://github.com/Rabb1ter/cms/blob/main/There%20is%20a%20storage%20type%20XSS%20in%20the%20column%20management%20department.md

reference_id

There%20is%20a%20storage%20type%20XSS%20in%20the%20column%20management%20department.md

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T15:27:30Z/

url

https://github.com/Rabb1ter/cms/blob/main/There%20is%20a%20storage%20type%20XSS%20in%20the%20column%20management%20department.md

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49485, GHSA-f2w8-4m48-5qrq

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vjtk-sz1r-4yem

url VCID-x5b2-ryqc-tyfk

vulnerability_id VCID-x5b2-ryqc-tyfk

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49448

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50543
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49448

reference_url

https://github.com/ysuzhangbin/cms/blob/main/CSRF%20exists%20at%20the%20deletion%20point%20of%20navigation%20management.md

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ysuzhangbin/cms/blob/main/CSRF%20exists%20at%20the%20deletion%20point%20of%20navigation%20management.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49448

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49448

reference_url

https://github.com/advisories/GHSA-pv3g-vc3q-8c9g

reference_id

GHSA-pv3g-vc3q-8c9g

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-pv3g-vc3q-8c9g

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49448, GHSA-pv3g-vc3q-8c9g

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x5b2-ryqc-tyfk

url VCID-y9s5-n6we-byhn

vulnerability_id VCID-y9s5-n6we-byhn

summary A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save content parameter, which allows remote attackers to inject arbitrary web script or HTML.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-22493

reference_id

reference_type

scores

value	0.00129
scoring_system	epss
scoring_elements	0.31892
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-22493

reference_url

https://github.com/cui2shark/security/blob/main/%28JFinalcms%20content%20para%29A%20stored%20cross-site%20scripting%20%28XSS%29%20vulnerability%20was%20discovered%20in%20Jfinalcms%20content%20para.md

reference_id

%28JFinalcms%20content%20para%29A%20stored%20cross-site%20scripting%20%28XSS%29%20vulnerability%20was%20discovered%20in%20Jfinalcms%20content%20para.md

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T20:30:20Z/

url

https://github.com/cui2shark/security/blob/main/%28JFinalcms%20content%20para%29A%20stored%20cross-site%20scripting%20%28XSS%29%20vulnerability%20was%20discovered%20in%20Jfinalcms%20content%20para.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-22493

reference_id

CVE-2024-22493

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-22493

reference_url

https://github.com/advisories/GHSA-3j4x-9q9q-3277

reference_id

GHSA-3j4x-9q9q-3277

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-3j4x-9q9q-3277

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2024-22493, GHSA-3j4x-9q9q-3277

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y9s5-n6we-byhn

url VCID-y9u5-hd6w-cbaz

vulnerability_id VCID-y9u5-hd6w-cbaz

summary JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via Label management editing.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-50101

reference_id

reference_type

scores

value	0.00193
scoring_system	epss
scoring_elements	0.41187
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-50101

reference_url

https://github.com/jfinal/jfinal

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/jfinal/jfinal

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-50101

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-50101

reference_url

https://github.com/advisories/GHSA-m3p6-43xj-pf9v

reference_id

GHSA-m3p6-43xj-pf9v

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-m3p6-43xj-pf9v

reference_url

https://github.com/Jarvis-616/cms/blob/master/Label%20management%20editing%20with%20stored%20XSS.md

reference_id

Label%20management%20editing%20with%20stored%20XSS.md

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-20T20:49:10Z/

url

https://github.com/Jarvis-616/cms/blob/master/Label%20management%20editing%20with%20stored%20XSS.md

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-50101, GHSA-m3p6-43xj-pf9v

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y9u5-hd6w-cbaz

url VCID-yekz-6x9y-23e4

vulnerability_id VCID-yekz-6x9y-23e4

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49383

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50543
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49383

reference_url

https://github.com/cui2shark/cms/blob/main/Added%20CSRF%20in%20Label%20Management.md

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cui2shark/cms/blob/main/Added%20CSRF%20in%20Label%20Management.md

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-49383

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-49383

reference_url

https://github.com/advisories/GHSA-rq2q-hc6h-2px2

reference_id

GHSA-rq2q-hc6h-2px2

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-rq2q-hc6h-2px2

fixed_packages

url pkg:maven/com.jfinal/jfinal@5.0.1

purl pkg:maven/com.jfinal/jfinal@5.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-82p1-qbvu-efeg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1

aliases CVE-2023-49383, GHSA-rq2q-hc6h-2px2

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yekz-6x9y-23e4

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@4.9.02

Package Instance