CVE-2023-50101: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

December 14, 2023 (updated December 15, 2023)

JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via Label management editing.

References

github.com/Jarvis-616/cms/blob/master/Label%20management%20editing%20with%20stored%20XSS.md
github.com/advisories/GHSA-m3p6-43xj-pf9v
nvd.nist.gov/vuln/detail/CVE-2023-50101

Detect and mitigate CVE-2023-50101 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →