jfinal up to 4.9.08 deserialization [CVE-2021-31649]
A vulnerability was found in jfinal up to 4.9.08. It has been classified as critical. Affected is some unknown processing.
JFinal up to 4.9.10 Controller set cross site scripting
A vulnerability, which was classified as problematic, was found in JFinal up to 4.9.10. Affected is the function set of