CVE-2021-42242 (jfinal_cms)

A command execution vulnerability exists in jfinal_cms 5.0.1 via com.jflyfox.component.controller.Ueditor.

Source