search

jcasbin / jfinal-authz

Casbin Authorization Plugin for JFinal
https://github.com/casbin/jcasbin
Apache License 2.0
7 stars 6 forks source link

Fix bug of "Cross-site Scripting in Jfinal CMS" #5

Open hsluoyz opened 2 years ago

hsluoyz commented 2 years ago

https://github.com/jcasbin/jfinal-authz/security/dependabot/1

image

PrathamJaiswal001 commented 1 year ago

@hsluoyz can you please elaborate it and also the link attached is not working.

hsluoyz commented 1 year ago

I think upgrading JFinal from v5.1.0 to a newer version would fix it

hsluoyz commented 1 year ago

@OutOfEastGate

OutOfEastGate commented 1 year ago

@PrathamJaiswal001 The JFinal CMS is addressing this issue details: https://github.com/jflyfox/jfinal_cms/pull/47 A later upgrade to the latest version may fix it

hsluoyz commented 1 year ago

@OutOfEastGate OK, let's wait for official fix