Enviar #590704: web jfinal_cms V5.0.1 Cross-Site Request Forgeryinformación

Título	web jfinal_cms V5.0.1 Cross-Site Request Forgery
Descripción	During the security review of "jfinal_cms",I discovered a critical CSRF injection vulnerability in the "HOME.java" file. The logout method and others in the logout method do not impose restrictions on CSRF attacks, resulting in CSRF attacks
Fuente	⚠️ https://github.com/webzzaa/CVE-/issues/3
Usuario	Tom132432 (UID 85670)
Sumisión	2025-06-05 12:36 (hace 1 Año)
Moderación	2025-06-15 11:43 (10 days later)
Estado	Aceptado
Entrada de VulDB	312574 [jflyfox jfinal_cms 5.0.1 HOME.java Cerrar sesión falsificación de solicitudes en sitios cruzados]
Puntos	17

Do you want to use VulDB in your project?

Use the official API to access entries easily!