JimuReport 代码问题漏洞

JimuReport is a free reporting tool open source by JEECG in China. A code issue vulnerability exists in JimuReport 2.1.2 and earlier versions, which stems from improper manipulation of the parameter clientRerouteServerListJNDIName in the file /drag/onlDragDataSource/testConnection in the componen...

CVE-2023-27867

IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code via JNDI Injection. By sending a specially crafted request using the property clientRerouteServerListJNDIName, an attacker could exploit this...