Vulnerability Details CVE-2024-57776
A cross-site scripting (XSS) vulnerability in the /apply/getEditPage?view interface of JFinalOA before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 9.0%
CVSS Severity
CVSS v3 Score 4.6
Products affected by CVE-2024-57776
-
cpe:2.3:a:jfinaloa_project:jfinaloa:1.0
-
cpe:2.3:a:jfinaloa_project:jfinaloa:1.0.1
-
cpe:2.3:a:jfinaloa_project:jfinaloa:1.0.2
-
cpe:2.3:a:jfinaloa_project:jfinaloa:1.1
-
cpe:2.3:a:jfinaloa_project:jfinaloa:2021-09-07