Vulnerability Details CVE-2024-57771
A cross-site scripting (XSS) vulnerability in the common/getEditPage?view interface of JFinalOA before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 9.7%
CVSS Severity
CVSS v3 Score 4.8
References
Products affected by CVE-2024-57771
-
cpe:2.3:a:jfinaloa_project:jfinaloa:1.0
-
cpe:2.3:a:jfinaloa_project:jfinaloa:1.0.1
-
cpe:2.3:a:jfinaloa_project:jfinaloa:1.0.2
-
cpe:2.3:a:jfinaloa_project:jfinaloa:1.1
-
cpe:2.3:a:jfinaloa_project:jfinaloa:2021-09-07