Miggo Logo
Miggo Vulnerability Database
CVE-2022-36527

CVE-2022-36527: Jfinal Cross-site Scripting vulnerability

5.4

CVSS Score
3.1

Basic Information

CVE ID
CVE-2022-36527
GHSA ID
GHSA-34j6-m83c-52x2
EPSS Score
0.284%
CWE
CWE-79
Published
8/26/2022
Updated
1/30/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
com.jflyfox:jflyfox_jfinalmaven<= 5.1.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis:
In progress

WAF Protection Rules

WAF Rule

J*in*l *MS v*.*.* *llows *tt**k*rs to *x**ut* *r*itr*ry w** s*ripts or *TML vi* * *r**t** p*ylo** inj**t** into t** post titl* t*xt *i*l* un**r t** pu*lis* *lo* mo*ul*.

Reasoning

No *n*lysis *v*il**l*