2 matches found
org.jeecgframework.boot:jeecg-boot-starter-cloud (>=3.4.0 <=3.5.3), org.jeecgframework.boot:jeecg-boot-starter-lock (>=3.4.0 <=3.5.3) +1 more potentially affected by CVE-2023-41543 via org.jeecgframework.boot:jeecg-boot-common (>=3.4.0 <=3.5.3)
org.jeecgframework.boot:jeecg-boot-common MAVEN version =3.4.0, =3.4.0, =3.4.0, =3.4.0, =3.5.3 Source cves: CVE-2023-41543 Source advisory: OSV:GHSA-FR29-W6J4-525F...
CVE-2023-41543
The set of connected documents confirms a SQL injection vulnerability in jeecg-boot, affecting version 3.5.3, exploitable via the /sys/replicate/check component. Root cause cited is improper input handling leading to SQL injection, enabling remote attackers to escalate privileges and access sensi...