CVE-2024-53477
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-53477: A critical vulnerability has been identified in JFinal CMS version 5.1.0. Hackers can exploit this issue by executing arbitrary commands through unauthorized deserialization in the file ApiForm.java. This vulnerability poses a significant risk as it allows attackers to gain administrative access and control over affected systems. Users are strongly advised to update their JFinal CMS installations to a secure version to mitigate this threat. Failure to patch this vulnerability may result in data theft, system compromise, or other malicious activities.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- CMs
Affected Vendors
- Pluck -