2 matches found
CVE-2020-20948
An arbitrary file download vulnerability in jeecg v3.8 allows attackers to access sensitive files via modification of the "localPath" variable...
CVE-2020-20948
CVE-2020-20948 affects jeecg v3.8, enabling arbitrary file download by modifying the localPath variable. The vulnerability stems from insufficient input validation/Access Control, allowing an attacker to access sensitive files. Exploitation status is not documented in the provided sources; no pat...