Lucene search
K

4 matches found

Cvelist
Cvelist
added 2025/12/28 7:2 a.m.26 views

CVE-2025-15125 JeecgBoot queryDepartPermission improper authorization

A security flaw has been discovered in JeecgBoot up to 3.9.0. Affected is the function queryDepartPermission of the file /sys/permission/queryDepartPermission. The manipulation of the argument departId results in improper authorization. The attack can be launched remotely. This attack is...

3.1CVSS0.0027EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/28 6:32 a.m.23 views

CVE-2025-15124 JeecgBoot list getParameterMap improper authorization

A vulnerability was identified in JeecgBoot up to 3.9.0. This impacts the function getParameterMap of the file /sys/sysDepartPermission/list. The manipulation of the argument departId leads to improper authorization. The attack can be initiated remotely. The attack's complexity is rated as high...

3.1CVSS0.0027EPSS
Exploits1References4
NVD
NVD
added 2025/12/28 5:16 a.m.4 views

CVE-2025-15121

A vulnerability has been found in JeecgBoot up to 3.9.0. The affected element is the function getDeptRoleByUserId of the file /sys/sysDepartRole/getDeptRoleByUserId. Such manipulation of the argument departId leads to information disclosure. The vendor was contacted early about this disclosure bu...

4.9CVSS0.00429EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/12/28 12:0 a.m.3 views

JeecgBoot 授权问题漏洞

JeecgBoot is a low-code development platform that fuses code generation and AI applications to help organizations rapidly achieve low-code development and build AI applications. JeecgBoot suffers from an authorization issue vulnerability, which stems from improper authorization of the parameter...

3.1CVSS5.8AI score0.0028EPSS
Exploits1References5
Rows per page
Query Builder