Filtered by vendor Jfinal
Subscribe
Search
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-17352 | 1 Jfinal | 1 Jfinal | 2019-10-15 | 5.0 MEDIUM | 7.5 HIGH |
| In JFinal cos before 2019-08-13, as used in JFinal 4.4, there is a vulnerability that can bypass the isSafeFile() function: one can upload any type of file. For example, a .jsp file may be stored and almost immediately deleted, but this deletion step does not occur for certain exceptions. | |||||