CVE-2022-2647
CVE-2022-2647 affects jeecg-boot and enables unrestricted file upload via the /api/ path. The root cause appears to be insufficient input/file-type validation in the code path handling file arguments (e.g., Veracode cites lack of checks in FileTypeFilter.java). Public exploitation is noted in the...