CVE-2025-10770

A vulnerability was found in jeecgboot JimuReport up to 2.1.2. This impacts an unknown function of the file /drag/onlDragDataSource/testConnection of the component MySQL JDBC Handler. Performing manipulation results in deserialization. Remote exploitation of the attack is possible. The exploit ha...

CVE-2025-10771

A vulnerability was determined in jeecgboot JimuReport up to 2.1.2. Affected is an unknown function of the file /drag/onlDragDataSource/testConnection of the component DB2 JDBC Handler. Executing manipulation of the argument clientRerouteServerListJNDIName can lead to deserialization. The attack...

CVE-2025-10771

A vulnerability was determined in jeecgboot JimuReport up to 2.1.2. Affected is an unknown function of the file /drag/onlDragDataSource/testConnection of the component DB2 JDBC Handler. Executing manipulation of the argument clientRerouteServerListJNDIName can lead to deserialization. The attack...

CVE-2025-10771

A vulnerability was determined in jeecgboot JimuReport up to 2.1.2. Affected is an unknown function of the file /drag/onlDragDataSource/testConnection of the component DB2 JDBC Handler. Executing manipulation of the argument clientRerouteServerListJNDIName can lead to deserialization. The attack...

CVE-2025-10771 jeecgboot JimuReport DB2 JDBC testConnection deserialization

A vulnerability was determined in jeecgboot JimuReport up to 2.1.2. Affected is an unknown function of the file /drag/onlDragDataSource/testConnection of the component DB2 JDBC Handler. Executing manipulation of the argument clientRerouteServerListJNDIName can lead to deserialization. The attack...

CVE-2025-10770 jeecgboot JimuReport MySQL JDBC testConnection deserialization

A vulnerability was found in jeecgboot JimuReport up to 2.1.2. This impacts an unknown function of the file /drag/onlDragDataSource/testConnection of the component MySQL JDBC Handler. Performing manipulation results in deserialization. Remote exploitation of the attack is possible. The exploit ha...

PT-2025-38668

Name of the Vulnerable Software and Affected Versions jeecgboot JimuReport versions up to 2.1.2 Description A vulnerability exists in jeecgboot JimuReport up to version 2.1.2. The issue impacts an unknown function within the /drag/onlDragDataSource/testConnection file of the MySQL JDBC Handler...

CVE-2025-8963

A vulnerability was determined in jeecgboot JimuReport up to 2.1.1. Affected by this issue is some unknown functionality of the file /drag/onlDragDataSource/testConnection of the component Data Large Screen Template. The manipulation leads to deserialization. The attack may be launched remotely...

PT-2025-33270 · Unknown · Jeecgboot Jimureport

Name of the Vulnerable Software and Affected Versions: jeecgboot JimuReport versions up to 2.1.1 Description: A vulnerability exists in jeecgboot JimuReport up to version 2.1.1, related to an unknown functionality within the /drag/onlDragDataSource/testConnection file of the Data Large Screen...

CVE-2024-1032

A vulnerability classified as critical was found in openBI up to 1.0.8. Affected by this vulnerability is the function testConnection of the file /application/index/controller/Databasesource.php of the component Test Connection Handler. The manipulation leads to deserialization. The attack can be...

CVE-2024-1032

CVE-2024-1032 concerns openBI up to v1.0.8, where the vulnerable component is the Test Connection Handler’s function testConnection in /application/index/controller/Databasesource.php. The issue is a deserialization vulnerability that can be exploited remotely, with public disclosure of the explo...

GHSA-PM8V-PPX7-8HR4 Jeecg boot arbitrary file read vulnerability

Jeecg boot up to v3.5.3 was discovered to contain an arbitrary file read vulnerability via the interface /testConnection...

Jeecg boot arbitrary file read vulnerability

Jeecg boot up to v3.5.3 was discovered to contain an arbitrary file read vulnerability via the interface /testConnection...

CVE-2023-41578

Jeecg boot up to v3.5.3 was discovered to contain an arbitrary file read vulnerability via the interface /testConnection...

CVE-2023-41578

Jeecg boot up to v3.5.3 was discovered to contain an arbitrary file read vulnerability via the interface /testConnection...

CVE-2023-41578

Jeecg boot up to v3.5.3 contains an arbitrary file read vulnerability exploitable via the /testConnection interface. The CVE entry documents impact to confidentiality (high) with no integrity/availability impact, and root cause is an insecure/unrestricted file read path exposed through the testCo...

CVE-2023-41578

Jeecg boot up to v3.5.3 was discovered to contain an arbitrary file read vulnerability via the interface /testConnection...

Jeecg-Boot Security Vulnerabilities

Jeecg-Boot is a low-code platform based on a code generator from the JeecgBoot community. A security vulnerability exists in Jeecg-Boot v3.5.3 and earlier versions, which stems from an arbitrary file read vulnerability in interface /testConnection...

Reflected XSS in Jenkins Compatibility Action Storage Plugin

Jenkins Compatibility Action Storage Plugin 1.0 and earlier does not escape the content coming from the MongoDB in the testConnection form validation endpoint, resulting in a reflected cross-site scripting XSS vulnerability...

Cross site scripting

Jenkins Compatibility Action Storage Plugin 1.0 and earlier does not escape the content coming from the MongoDB in the testConnection form validation endpoint, resulting in a reflected cross-site scripting XSS vulnerability...