3 matches found
JeecgBoot SQL Injection Vulnerability
JeecgBoot versions from 3.4.3 up to 3.8.0 were found to contain a SQL injection vulnerability in the /jeecg-boot/online/cgreport/head/parseSql endpoint, which allows bypassing SQL blacklist restrictions...
PT-2025-34368 · Unknown · Jeecg-Boot
Name of the Vulnerable Software and Affected Versions: JeecgBoot versions 3.4.3 through 3.8.0 Description: JeecgBoot versions 3.4.3 through 3.8.0 contain a SQL injection vulnerability in the /jeecg-boot/online/cgreport/head/parseSql endpoint. This vulnerability allows bypassing SQL blacklist...
CVE-2025-51825
CVE-2025-51825 applies to JeecgBoot versions 3.4.3 through 3.8.0. A SQL injection vulnerability exists in the endpoint /jeecg-boot/online/cgreport/head/parseSql that allows bypassing SQL blacklist restrictions. The incident is documented across multiple feeds (NVD, Red Hat, GHSA, osv, etc.). Impa...