JeecgBoot getDeptRoleByUserId function information leakage vulnerability

JeecgBoot is a low-code development platform that fuses code generation and AI applications to help organizations rapidly achieve low-code development and build AI applications. JeecgBoot suffers from an information disclosure vulnerability, which originates from a misbehavior of the parameter...

CVE-2025-15121

A vulnerability has been found in JeecgBoot up to 3.9.0. The affected element is the function getDeptRoleByUserId of the file /sys/sysDepartRole/getDeptRoleByUserId. Such manipulation of the argument departId leads to information disclosure. The vendor was contacted early about this disclosure bu...

EUVD-2025-205492

A vulnerability has been found in JeecgBoot up to 3.9.0. The affected element is the function getDeptRoleByUserId of the file /sys/sysDepartRole/getDeptRoleByUserId. Such manipulation of the argument departId leads to information disclosure. The vendor was contacted early about this disclosure bu...

CVE-2025-15121

JeecgBoot up to 3.9.0 is affected by an information-disclosure vulnerability in getDeptRoleByUserId (/sys/sysDepartRole/getDeptRoleByUserId). Manipulating the departId parameter may disclose information. According to connected reports, vendor contact was made but no response; no patch details are...

CVE-2025-15121 JeecgBoot getDeptRoleByUserId information disclosure

A vulnerability has been found in JeecgBoot up to 3.9.0. The affected element is the function getDeptRoleByUserId of the file /sys/sysDepartRole/getDeptRoleByUserId. Such manipulation of the argument departId leads to information disclosure. The vendor was contacted early about this disclosure bu...

JeecgBoot 访问控制错误漏洞

JeecgBoot is a low-code development platform that fuses code generation and AI applications to help organizations rapidly achieve low-code development and build AI applications. JeecgBoot suffers from an information disclosure vulnerability, which originates from a misbehavior of the parameter...

PT-2025-53636

Name of the Vulnerable Software and Affected Versions JeecgBoot versions up to 3.9.0 Description A flaw exists in JeecgBoot that allows information disclosure. The issue is related to the getDeptRoleByUserId function located in the /sys/sysDepartRole/getDeptRoleByUserId file. Manipulation of the...