CVE-2022-37199: SQL injection in jflyfox jfinal

Severity: Critical

CVSS Score: 9.8

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinal_cms/system/user/list.