CVE-2022-37203

Name of the Vulnerable Software and Affected Versions JFinal CMS version 5.1.0

Description The issue is related to SQL Injection. It is mentioned that certain interfaces in JFinal CMS do not utilize the same component or filters but instead use their own SQL concatenation methods, which results in SQL injection.

Recommendations For JFinal CMS version 5.1.0, consider disabling or restricting the use of SQL concatenation methods in affected interfaces until a patch is available. Restrict access to sensitive data to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.