Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/574451?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "type": "maven", "namespace": "com.jfinal", "name": "jfinal", "version": "5.0.1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "5.1.1", "latest_non_vulnerable_version": "5.1.1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210891?format=api", "vulnerability_id": "VCID-82p1-qbvu-efeg", "summary": "Cross-site Scripting in Jfinal CMS", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-33113", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41115", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40949", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41126", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41137", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-33113" }, { "reference_url": "https://github.com/jflyfox/jfinal_cms/issues/39", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jflyfox/jfinal_cms/issues/39" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33113", "reference_id": "CVE-2022-33113", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33113" }, { "reference_url": "https://github.com/advisories/GHSA-9pvq-4cc7-24jg", "reference_id": "GHSA-9pvq-4cc7-24jg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9pvq-4cc7-24jg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574460?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.1.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.1.1" } ], "aliases": [ "CVE-2022-33113", "GHSA-9pvq-4cc7-24jg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-82p1-qbvu-efeg" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357892?format=api", "vulnerability_id": "VCID-1zbf-vz8c-6fdn", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50102", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41187", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41354", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41372", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41362", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50102" }, { "reference_url": "https://github.com/Jarvis-616/cms/blob/master/Content%20data%20exists%20in%20storage%20XSS%20for%20editing.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/Jarvis-616/cms/blob/master/Content%20data%20exists%20in%20storage%20XSS%20for%20editing.md" }, { "reference_url": "https://github.com/jfinal/jfinal", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jfinal/jfinal" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50102", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50102" }, { "reference_url": "https://github.com/advisories/GHSA-p3ph-6245-4wfc", "reference_id": "GHSA-p3ph-6245-4wfc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p3ph-6245-4wfc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-50102", "GHSA-p3ph-6245-4wfc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1zbf-vz8c-6fdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357895?format=api", "vulnerability_id": "VCID-27b9-9wd8-nqb1", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50137", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28428", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28624", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28648", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28639", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50137" }, { "reference_url": "https://github.com/jfinal/jfinal", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jfinal/jfinal" }, { "reference_url": "https://github.com/yukino-hiki/CVE/blob/main/3/There%20is%20a%20storage%20type%20xss%20in%20the%20site%20management%20office.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/yukino-hiki/CVE/blob/main/3/There%20is%20a%20storage%20type%20xss%20in%20the%20site%20management%20office.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50137", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50137" }, { "reference_url": "https://github.com/advisories/GHSA-xv7p-jw46-8r85", "reference_id": "GHSA-xv7p-jw46-8r85", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xv7p-jw46-8r85" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-50137", "GHSA-xv7p-jw46-8r85" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-27b9-9wd8-nqb1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62037?format=api", "vulnerability_id": "VCID-2nyn-zg2q-kbcy", "summary": "Cross Site Scripting (XSS) vulnerability in /admin/login password parameter in JFinalcms 5.0.0 allows attackers to run arbitrary code via crafted URL.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22497", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31498", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.315", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31305", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31519", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22497" }, { "reference_url": "https://github.com/cui2shark/security/blob/main/%28JFinalcms%20admin-login-password%29%20.md", "reference_id": "%28JFinalcms%20admin-login-password%29%20.md", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-09T23:37:37Z/" } ], "url": "https://github.com/cui2shark/security/blob/main/%28JFinalcms%20admin-login-password%29%20.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22497", "reference_id": "CVE-2024-22497", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22497" }, { "reference_url": "https://github.com/advisories/GHSA-qh2w-9m7w-hjg2", "reference_id": "GHSA-qh2w-9m7w-hjg2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qh2w-9m7w-hjg2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2024-22497", "GHSA-qh2w-9m7w-hjg2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2nyn-zg2q-kbcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357619?format=api", "vulnerability_id": "VCID-354v-2fp3-gfdx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49381", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50543", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.5068", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49381" }, { "reference_url": "https://github.com/cui2shark/cms/blob/main/CSRF%20exists%20at%20the%20modification%20point%20of%20the%20custom%20table.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/cui2shark/cms/blob/main/CSRF%20exists%20at%20the%20modification%20point%20of%20the%20custom%20table.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49381", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49381" }, { "reference_url": "https://github.com/advisories/GHSA-r222-mcff-27ff", "reference_id": "GHSA-r222-mcff-27ff", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r222-mcff-27ff" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49381", "GHSA-r222-mcff-27ff" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-354v-2fp3-gfdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357623?format=api", "vulnerability_id": "VCID-3nnf-d6rh-73gx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49396", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50543", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.5068", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49396" }, { "reference_url": "https://github.com/nightcloudos/new_cms/blob/main/CSRF%20exists%20at%20the%20newly%20added%20section%20of%20column%20management.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/nightcloudos/new_cms/blob/main/CSRF%20exists%20at%20the%20newly%20added%20section%20of%20column%20management.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49396", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49396" }, { "reference_url": "https://github.com/advisories/GHSA-882g-gjqp-9vjp", "reference_id": "GHSA-882g-gjqp-9vjp", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-882g-gjqp-9vjp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49396", "GHSA-882g-gjqp-9vjp" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3nnf-d6rh-73gx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357611?format=api", "vulnerability_id": "VCID-45ur-b829-rbgv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49373", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50543", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.5068", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49373" }, { "reference_url": "https://github.com/jfinal/jfinal", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jfinal/jfinal" }, { "reference_url": "https://github.com/li-yu320/cms/blob/main/There%20is%20a%20CSRF%20at%20the%20deletion%20point%20of%20the%20broadcast%20image.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/li-yu320/cms/blob/main/There%20is%20a%20CSRF%20at%20the%20deletion%20point%20of%20the%20broadcast%20image.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49373", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49373" }, { "reference_url": "https://github.com/advisories/GHSA-cj7j-23wf-mhrx", "reference_id": "GHSA-cj7j-23wf-mhrx", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cj7j-23wf-mhrx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49373", "GHSA-cj7j-23wf-mhrx" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-45ur-b829-rbgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357625?format=api", "vulnerability_id": "VCID-5drm-1me6-6kcb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49398", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50543", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.5068", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49398" }, { "reference_url": "https://github.com/nightcloudos/new_cms/blob/main/CSRF%20exists%20at%20the%20deletion%20point%20of%20column%20management.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/nightcloudos/new_cms/blob/main/CSRF%20exists%20at%20the%20deletion%20point%20of%20column%20management.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49398", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49398" }, { "reference_url": "https://github.com/advisories/GHSA-mwvq-gc5w-m78f", "reference_id": "GHSA-mwvq-gc5w-m78f", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mwvq-gc5w-m78f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49398", "GHSA-mwvq-gc5w-m78f" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5drm-1me6-6kcb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357614?format=api", "vulnerability_id": "VCID-5kw4-cjbh-1bdh", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49376", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50543", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.5068", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49376" }, { "reference_url": "https://github.com/cui2shark/cms/blob/main/Delete%20existing%20CSRF%20in%20label%20management.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/cui2shark/cms/blob/main/Delete%20existing%20CSRF%20in%20label%20management.md" }, { "reference_url": "https://github.com/jfinal/jfinal", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jfinal/jfinal" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49376", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49376" }, { "reference_url": "https://github.com/advisories/GHSA-w492-7g9m-j2ww", "reference_id": "GHSA-w492-7g9m-j2ww", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w492-7g9m-j2ww" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49376", "GHSA-w492-7g9m-j2ww" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5kw4-cjbh-1bdh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62126?format=api", "vulnerability_id": "VCID-5yzu-2p73-2yg4", "summary": "A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save contact parameter, which allows remote attackers to inject arbitrary web script or HTML.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31813", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31815", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31626", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31831", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22492" }, { "reference_url": "https://github.com/cui2shark/security/blob/main/%28JFinalcms%20contact%20para%29A%20stored%20cross-site%20scripting%20%28XSS%29%20vulnerability%20was%20discovered%20in%20Jfinalcms%20contact%20para.md", "reference_id": "%28JFinalcms%20contact%20para%29A%20stored%20cross-site%20scripting%20%28XSS%29%20vulnerability%20was%20discovered%20in%20Jfinalcms%20contact%20para.md", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:25:20Z/" } ], "url": "https://github.com/cui2shark/security/blob/main/%28JFinalcms%20contact%20para%29A%20stored%20cross-site%20scripting%20%28XSS%29%20vulnerability%20was%20discovered%20in%20Jfinalcms%20contact%20para.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22492", "reference_id": "CVE-2024-22492", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22492" }, { "reference_url": "https://github.com/advisories/GHSA-859h-4w58-78xw", "reference_id": "GHSA-859h-4w58-78xw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-859h-4w58-78xw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2024-22492", "GHSA-859h-4w58-78xw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5yzu-2p73-2yg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357891?format=api", "vulnerability_id": "VCID-6xjf-nmwh-2ygb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50100", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28428", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28624", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28648", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28639", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50100" }, { "reference_url": "https://github.com/Jarvis-616/cms/blob/master/There%20is%20a%20storage%20type%20XSS%20for%20carousel%20image%20editing.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/Jarvis-616/cms/blob/master/There%20is%20a%20storage%20type%20XSS%20for%20carousel%20image%20editing.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50100", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50100" }, { "reference_url": "https://github.com/advisories/GHSA-3hf6-f8ch-5869", "reference_id": "GHSA-3hf6-f8ch-5869", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3hf6-f8ch-5869" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-50100", "GHSA-3hf6-f8ch-5869" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6xjf-nmwh-2ygb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357622?format=api", "vulnerability_id": "VCID-82qu-67k6-efgs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49395", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50543", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.5068", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49395" }, { "reference_url": "https://github.com/nightcloudos/new_cms/blob/main/CSRF%20exists%20in%20the%20column%20management%20modification%20section.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/nightcloudos/new_cms/blob/main/CSRF%20exists%20in%20the%20column%20management%20modification%20section.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49395", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49395" }, { "reference_url": "https://github.com/advisories/GHSA-8hch-q86g-j38w", "reference_id": "GHSA-8hch-q86g-j38w", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8hch-q86g-j38w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49395", "GHSA-8hch-q86g-j38w" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-82qu-67k6-efgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357613?format=api", "vulnerability_id": "VCID-b53k-vpxw-t3gh", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49375", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50543", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.5068", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49375" }, { "reference_url": "https://github.com/cui2shark/cms/blob/main/There%20is%20CSRF%20in%20the%20modification%20of%20the%20friendship%20link.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/cui2shark/cms/blob/main/There%20is%20CSRF%20in%20the%20modification%20of%20the%20friendship%20link.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49375", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49375" }, { "reference_url": "https://github.com/advisories/GHSA-gfhv-xxqj-h323", "reference_id": "GHSA-gfhv-xxqj-h323", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gfhv-xxqj-h323" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49375", "GHSA-gfhv-xxqj-h323" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b53k-vpxw-t3gh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357624?format=api", "vulnerability_id": "VCID-cryu-7dxb-5ygn", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49397", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50543", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.5068", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49397" }, { "reference_url": "https://github.com/nightcloudos/new_cms/blob/main/CSRF%20exists%20at%20the%20change%20of%20column%20management%20status.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/nightcloudos/new_cms/blob/main/CSRF%20exists%20at%20the%20change%20of%20column%20management%20status.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49397", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49397" }, { "reference_url": "https://github.com/advisories/GHSA-5f56-h6fg-rcrh", "reference_id": "GHSA-5f56-h6fg-rcrh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5f56-h6fg-rcrh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49397", "GHSA-5f56-h6fg-rcrh" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cryu-7dxb-5ygn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357650?format=api", "vulnerability_id": "VCID-d7b4-d2ju-fkhj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49487", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26872", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27074", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27088", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27072", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49487" }, { "reference_url": "https://github.com/jfinal/jfinal", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jfinal/jfinal" }, { "reference_url": "https://github.com/Rabb1ter/cms/blob/main/There%20is%20a%20stored%20XSS%20in%20the%20navigation%20management%20office.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/Rabb1ter/cms/blob/main/There%20is%20a%20stored%20XSS%20in%20the%20navigation%20management%20office.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49487", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49487" }, { "reference_url": "https://github.com/advisories/GHSA-m42v-qv3c-h6j7", "reference_id": "GHSA-m42v-qv3c-h6j7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m42v-qv3c-h6j7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49487", "GHSA-m42v-qv3c-h6j7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d7b4-d2ju-fkhj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357646?format=api", "vulnerability_id": "VCID-f296-yvy3-5kf9", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49447", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50543", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.5068", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49447" }, { "reference_url": "https://github.com/ysuzhangbin/cms/blob/main/CSRF%20exists%20at%20the%20navigation%20management%20modification%20location.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ysuzhangbin/cms/blob/main/CSRF%20exists%20at%20the%20navigation%20management%20modification%20location.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49447", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49447" }, { "reference_url": "https://github.com/advisories/GHSA-32j2-c7mx-v4jj", "reference_id": "GHSA-32j2-c7mx-v4jj", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-32j2-c7mx-v4jj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49447", "GHSA-32j2-c7mx-v4jj" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f296-yvy3-5kf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357615?format=api", "vulnerability_id": "VCID-gjny-2bdr-x3hb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49377", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50543", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.5068", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49377" }, { "reference_url": "https://github.com/cui2shark/cms/blob/main/Modification%20of%20CSRF%20in%20Label%20Management.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/cui2shark/cms/blob/main/Modification%20of%20CSRF%20in%20Label%20Management.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49377", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49377" }, { "reference_url": "https://github.com/advisories/GHSA-r6mg-fq87-gw34", "reference_id": "GHSA-r6mg-fq87-gw34", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r6mg-fq87-gw34" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49377", "GHSA-r6mg-fq87-gw34" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gjny-2bdr-x3hb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357923?format=api", "vulnerability_id": "VCID-mkjz-3rsc-qyd9", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50449", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.3106", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31254", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31269", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31251", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50449" }, { "reference_url": "https://gitee.com/heyewei/JFinalcms/issues/I7WGC6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gitee.com/heyewei/JFinalcms/issues/I7WGC6" }, { "reference_url": "https://github.com/jfinal/jfinal", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jfinal/jfinal" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50449", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50449" }, { "reference_url": "https://github.com/advisories/GHSA-7x2g-4jvc-4x6p", "reference_id": "GHSA-7x2g-4jvc-4x6p", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7x2g-4jvc-4x6p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-50449", "GHSA-7x2g-4jvc-4x6p" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mkjz-3rsc-qyd9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357610?format=api", "vulnerability_id": "VCID-mnj9-6xps-vfgs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49372", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50543", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.5068", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49372" }, { "reference_url": "https://github.com/jfinal/jfinal", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jfinal/jfinal" }, { "reference_url": "https://github.com/li-yu320/cms/blob/main/There%20is%20a%20CSRF%20present%20at%20the%20new%20location%20of%20the%20rotation%20image.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/li-yu320/cms/blob/main/There%20is%20a%20CSRF%20present%20at%20the%20new%20location%20of%20the%20rotation%20image.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49372", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49372" }, { "reference_url": "https://github.com/advisories/GHSA-9wvj-wr2f-6mx6", "reference_id": "GHSA-9wvj-wr2f-6mx6", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9wvj-wr2f-6mx6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49372", "GHSA-9wvj-wr2f-6mx6" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mnj9-6xps-vfgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357620?format=api", "vulnerability_id": "VCID-p847-h143-mbdf", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49382", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50543", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.5068", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49382" }, { "reference_url": "https://github.com/cui2shark/cms/blob/main/CSRF%20exists%20at%20the%20deletion%20point%20of%20the%20custom%20table.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/cui2shark/cms/blob/main/CSRF%20exists%20at%20the%20deletion%20point%20of%20the%20custom%20table.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49382", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49382" }, { "reference_url": "https://github.com/advisories/GHSA-6v55-h6m5-2352", "reference_id": "GHSA-6v55-h6m5-2352", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6v55-h6m5-2352" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49382", "GHSA-6v55-h6m5-2352" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p847-h143-mbdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357618?format=api", "vulnerability_id": "VCID-pmnu-e15z-myhg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49380", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51865", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51995", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.52008", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51992", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49380" }, { "reference_url": "https://github.com/cui2shark/cms/blob/main/There%20is%20a%20CSRF%20at%20the%20deletion%20point%20of%20the%20friendship%20link.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/cui2shark/cms/blob/main/There%20is%20a%20CSRF%20at%20the%20deletion%20point%20of%20the%20friendship%20link.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49380", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49380" }, { "reference_url": "https://github.com/advisories/GHSA-765f-3mgx-24pw", "reference_id": "GHSA-765f-3mgx-24pw", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-765f-3mgx-24pw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49380", "GHSA-765f-3mgx-24pw" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pmnu-e15z-myhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357617?format=api", "vulnerability_id": "VCID-q29x-aunb-47am", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49379", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50543", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.5068", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49379" }, { "reference_url": "https://github.com/cui2shark/cms/blob/main/There%20is%20a%20CSRF%20in%20the%20new%20location%20of%20the%20friendship%20link.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/cui2shark/cms/blob/main/There%20is%20a%20CSRF%20in%20the%20new%20location%20of%20the%20friendship%20link.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49379", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49379" }, { "reference_url": "https://github.com/advisories/GHSA-r2wj-mxvh-wqfh", "reference_id": "GHSA-r2wj-mxvh-wqfh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r2wj-mxvh-wqfh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49379", "GHSA-r2wj-mxvh-wqfh" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q29x-aunb-47am" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357649?format=api", "vulnerability_id": "VCID-rkvt-wtkj-7fbm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49486", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26538", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.2674", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26755", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26739", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49486" }, { "reference_url": "https://github.com/jfinal/jfinal", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jfinal/jfinal" }, { "reference_url": "https://github.com/Rabb1ter/cms/blob/main/There%20is%20a%20stored%20XSS%20in%20the%20model%20management%20department.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/Rabb1ter/cms/blob/main/There%20is%20a%20stored%20XSS%20in%20the%20model%20management%20department.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49486", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49486" }, { "reference_url": "https://github.com/advisories/GHSA-hjfp-2j7q-xmx4", "reference_id": "GHSA-hjfp-2j7q-xmx4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hjfp-2j7q-xmx4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49486", "GHSA-hjfp-2j7q-xmx4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rkvt-wtkj-7fbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357612?format=api", "vulnerability_id": "VCID-s37r-ptss-euft", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49374", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50543", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.5068", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49374" }, { "reference_url": "https://github.com/li-yu320/cms/blob/main/There%20is%20CSRF%20in%20the%20rotation%20image%20editing%20section.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/li-yu320/cms/blob/main/There%20is%20CSRF%20in%20the%20rotation%20image%20editing%20section.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49374", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49374" }, { "reference_url": "https://github.com/advisories/GHSA-r7w2-j96v-vw8m", "reference_id": "GHSA-r7w2-j96v-vw8m", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r7w2-j96v-vw8m" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49374", "GHSA-r7w2-j96v-vw8m" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s37r-ptss-euft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357645?format=api", "vulnerability_id": "VCID-sxvz-rf3y-yuef", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49446", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50543", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.5068", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49446" }, { "reference_url": "https://github.com/ysuzhangbin/cms/blob/main/There%20is%20a%20CSRF%20in%20the%20newly%20added%20navigation%20management%20area.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ysuzhangbin/cms/blob/main/There%20is%20a%20CSRF%20in%20the%20newly%20added%20navigation%20management%20area.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49446", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49446" }, { "reference_url": "https://github.com/advisories/GHSA-hv4c-v8j8-54cw", "reference_id": "GHSA-hv4c-v8j8-54cw", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hv4c-v8j8-54cw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49446", "GHSA-hv4c-v8j8-54cw" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sxvz-rf3y-yuef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62414?format=api", "vulnerability_id": "VCID-szda-c4tt-xfhk", "summary": "Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0 allows attackers to run arbitrary code via the /admin/login username parameter.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22496", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31498", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.315", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31305", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31519", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22496" }, { "reference_url": "https://github.com/cui2shark/security/blob/main/%28JFinalcms%20admin-login-username%29%20.md", "reference_id": "%28JFinalcms%20admin-login-username%29%20.md", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T10:39:09Z/" } ], "url": "https://github.com/cui2shark/security/blob/main/%28JFinalcms%20admin-login-username%29%20.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22496", "reference_id": "CVE-2024-22496", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22496" }, { "reference_url": "https://github.com/advisories/GHSA-v435-pfj6-68r3", "reference_id": "GHSA-v435-pfj6-68r3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v435-pfj6-68r3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2024-22496", "GHSA-v435-pfj6-68r3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-szda-c4tt-xfhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357616?format=api", "vulnerability_id": "VCID-uexx-rhq8-gue1", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49378", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50543", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.5068", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49378" }, { "reference_url": "https://github.com/cui2shark/cms/blob/main/CSRF%20exists%20at%20the%20creation%20location%20of%20the%20custom%20table.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/cui2shark/cms/blob/main/CSRF%20exists%20at%20the%20creation%20location%20of%20the%20custom%20table.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49378", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49378" }, { "reference_url": "https://github.com/advisories/GHSA-gw26-cchc-8f2f", "reference_id": "GHSA-gw26-cchc-8f2f", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gw26-cchc-8f2f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49378", "GHSA-gw26-cchc-8f2f" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uexx-rhq8-gue1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/133168?format=api", "vulnerability_id": "VCID-vjtk-sz1r-4yem", "summary": "JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the column management department.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49485", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27072", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26872", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27088", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27074", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49485" }, { "reference_url": "https://github.com/jfinal/jfinal", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jfinal/jfinal" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49485", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49485" }, { "reference_url": "https://github.com/advisories/GHSA-f2w8-4m48-5qrq", "reference_id": "GHSA-f2w8-4m48-5qrq", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f2w8-4m48-5qrq" }, { "reference_url": "https://github.com/Rabb1ter/cms/blob/main/There%20is%20a%20storage%20type%20XSS%20in%20the%20column%20management%20department.md", "reference_id": "There%20is%20a%20storage%20type%20XSS%20in%20the%20column%20management%20department.md", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T15:27:30Z/" } ], "url": "https://github.com/Rabb1ter/cms/blob/main/There%20is%20a%20storage%20type%20XSS%20in%20the%20column%20management%20department.md" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49485", "GHSA-f2w8-4m48-5qrq" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vjtk-sz1r-4yem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357647?format=api", "vulnerability_id": "VCID-x5b2-ryqc-tyfk", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49448", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50543", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.5068", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49448" }, { "reference_url": "https://github.com/ysuzhangbin/cms/blob/main/CSRF%20exists%20at%20the%20deletion%20point%20of%20navigation%20management.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ysuzhangbin/cms/blob/main/CSRF%20exists%20at%20the%20deletion%20point%20of%20navigation%20management.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49448", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49448" }, { "reference_url": "https://github.com/advisories/GHSA-pv3g-vc3q-8c9g", "reference_id": "GHSA-pv3g-vc3q-8c9g", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pv3g-vc3q-8c9g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49448", "GHSA-pv3g-vc3q-8c9g" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x5b2-ryqc-tyfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62072?format=api", "vulnerability_id": "VCID-y9s5-n6we-byhn", "summary": "A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save content parameter, which allows remote attackers to inject arbitrary web script or HTML.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22493", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32078", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32074", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.31892", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32095", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22493" }, { "reference_url": "https://github.com/cui2shark/security/blob/main/%28JFinalcms%20content%20para%29A%20stored%20cross-site%20scripting%20%28XSS%29%20vulnerability%20was%20discovered%20in%20Jfinalcms%20content%20para.md", "reference_id": "%28JFinalcms%20content%20para%29A%20stored%20cross-site%20scripting%20%28XSS%29%20vulnerability%20was%20discovered%20in%20Jfinalcms%20content%20para.md", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T20:30:20Z/" } ], "url": "https://github.com/cui2shark/security/blob/main/%28JFinalcms%20content%20para%29A%20stored%20cross-site%20scripting%20%28XSS%29%20vulnerability%20was%20discovered%20in%20Jfinalcms%20content%20para.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22493", "reference_id": "CVE-2024-22493", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22493" }, { "reference_url": "https://github.com/advisories/GHSA-3j4x-9q9q-3277", "reference_id": "GHSA-3j4x-9q9q-3277", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3j4x-9q9q-3277" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2024-22493", "GHSA-3j4x-9q9q-3277" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y9s5-n6we-byhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/146819?format=api", "vulnerability_id": "VCID-y9u5-hd6w-cbaz", "summary": "JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via Label management editing.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50101", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41187", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41362", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41372", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41354", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50101" }, { "reference_url": "https://github.com/jfinal/jfinal", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jfinal/jfinal" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50101", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50101" }, { "reference_url": "https://github.com/advisories/GHSA-m3p6-43xj-pf9v", "reference_id": "GHSA-m3p6-43xj-pf9v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m3p6-43xj-pf9v" }, { "reference_url": "https://github.com/Jarvis-616/cms/blob/master/Label%20management%20editing%20with%20stored%20XSS.md", "reference_id": "Label%20management%20editing%20with%20stored%20XSS.md", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-20T20:49:10Z/" } ], "url": "https://github.com/Jarvis-616/cms/blob/master/Label%20management%20editing%20with%20stored%20XSS.md" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-50101", "GHSA-m3p6-43xj-pf9v" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y9u5-hd6w-cbaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357621?format=api", "vulnerability_id": "VCID-yekz-6x9y-23e4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49383", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50543", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.5068", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49383" }, { "reference_url": "https://github.com/cui2shark/cms/blob/main/Added%20CSRF%20in%20Label%20Management.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/cui2shark/cms/blob/main/Added%20CSRF%20in%20Label%20Management.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49383", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49383" }, { "reference_url": "https://github.com/advisories/GHSA-rq2q-hc6h-2px2", "reference_id": "GHSA-rq2q-hc6h-2px2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rq2q-hc6h-2px2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574451?format=api", "purl": "pkg:maven/com.jfinal/jfinal@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82p1-qbvu-efeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" } ], "aliases": [ "CVE-2023-49383", "GHSA-rq2q-hc6h-2px2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yekz-6x9y-23e4" } ], "risk_score": "3.1", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.jfinal/jfinal@5.0.1" }