CVE-2023-43191 Information

Description

JFinalCMS foreground message can be embedded malicious code saved in the database. When users browse the comments these malicious codes embedded in the HTML will be executed and the user’s browser will be controlled by the attacker so as to achieve the special purpose of the attacker such as cookie theft

Reference

https://github.com/etn0tw/cmscve_test/blob/main/README.md