A command execution vulnerability exists in jfinal_cms 5.0.1 via com.jflyfox.component.controller.Ueditor.Referenceshttps://github.com/jflyfox/jfinal_cms/issues/28
