JeecgBoot getPositionUserList function authorization issue vulnerability

JeecgBoot is a low-code development platform that fuses code generation and AI applications to help organizations rapidly achieve low-code development and build AI applications. JeecgBoot suffers from an authorization issue vulnerability that stems from improper authorization of the...

CVE-2025-15126

A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this vulnerability is the function getPositionUserList of the file /sys/position/getPositionUserList. This manipulation of the argument positionId causes improper authorization. The attack may be initiated remotely. The complexi...

CVE-2025-15126

A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this vulnerability is the function getPositionUserList of the file /sys/position/getPositionUserList. This manipulation of the argument positionId causes improper authorization. The attack may be initiated remotely. The complexi...

CVE-2025-15126 JeecgBoot getPositionUserList improper authorization

A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this vulnerability is the function getPositionUserList of the file /sys/position/getPositionUserList. This manipulation of the argument positionId causes improper authorization. The attack may be initiated remotely. The complexi...

CVE-2025-15126 JeecgBoot getPositionUserList improper authorization

A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this vulnerability is the function getPositionUserList of the file /sys/position/getPositionUserList. This manipulation of the argument positionId causes improper authorization. The attack may be initiated remotely. The complexi...

PT-2025-53641

Name of the Vulnerable Software and Affected Versions JeecgBoot versions up to 3.9.0 Description A weakness exists in JeecgBoot related to improper authorization. The issue is triggered by manipulating the positionId argument within the getPositionUserList function located in the...

JeecgBoot 授权问题漏洞

JeecgBoot is a low-code development platform that fuses code generation and AI applications to help organizations rapidly achieve low-code development and build AI applications. JeecgBoot suffers from an authorization issue vulnerability that stems from improper authorization of the...