Lucene search
+L

9 matches found

Github Security Blog
Github Security Blog
added 2023/02/03 6:30 p.m.34 views

Insecure Permissions issue in jeecg-boot

An Insecure Permissions issue in jeecg-boot 2.4.5 and earlier allows remote attackers to gain escalated privilege and view sensitive information via api uri: /sys/user/querySysUser?username=admin...

7.5CVSS7.3AI score0.0352EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2023/02/03 6:30 p.m.22 views

Insecure Permissions issue in jeecg-boot

An Insecure Permissions issue in jeecg-boot 2.4.5 allows unauthenticated remote attackers to gain escalated privilege and view sensitive information via the httptrace interface...

7.5CVSS7.5AI score0.04013EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/02/03 6:30 p.m.24 views

GHSA-RWHW-6C6R-2823 Insecure Permissions issue in jeecg-boot

An Insecure Permissions issue in jeecg-boot 2.4.5 allows unauthenticated remote attackers to gain escalated privilege and view sensitive information via the httptrace interface...

7.5CVSS7.6AI score0.04013EPSS
Exploits0References3
OSV
OSV
added 2023/02/03 6:15 p.m.16 views

CVE-2021-37304

An Insecure Permissions issue in jeecg-boot 2.4.5 allows unauthenticated remote attackers to gain escalated privilege and view sensitive information via the httptrace interface...

7.5CVSS7.7AI score
Exploits0References1
Prion
Prion
added 2023/02/03 6:15 p.m.20 views

Design/Logic Flaw

An Insecure Permissions issue in jeecg-boot 2.4.5 allows unauthenticated remote attackers to gain escalated privilege and view sensitive information via the httptrace interface...

5CVSS7.6AI score0.04013EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/02/03 12:0 a.m.65 views

CVE-2021-37306

CVE-2021-37306 affects jeecg-boot up to version 2.4.5 and earlier, where insecure permissions allow remote attackers to gain escalated privileges and view sensitive information via the API endpoint /sys/user/checkOnlyUser?username=admin. The vulnerability is documented with a HIGH impact (CVSS v3...

7.5CVSS7.5AI score0.00801EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/02/03 12:0 a.m.33 views

CVE-2021-37305

An Insecure Permissions issue in jeecg-boot 2.4.5 and earlier allows remote attackers to gain escalated privilege and view sensitive information via api uri: /sys/user/querySysUser?username=admin...

7.8AI score0.0352EPSS
Exploits0References1
CVE
CVE
added 2023/02/03 12:0 a.m.85 views

CVE-2021-37304

CVE-2021-37304 : Insecure permissions in jeecg-boot 2.4.5 allow unauthenticated remote attackers to gain escalated privileges and view sensitive information via the httptrace interface. The root cause is insufficient permission checks, enabling information disclosure and privilege escalation. The...

7.5CVSS7.6AI score0.04013EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/02/03 12:0 a.m.102 views

CVE-2021-37305

CVE-2021-37305 affects jeecg-boot up to version 2.4.5. The issue is an insecure permissions flaw in the API endpoint /sys/user/querySysUser?username=admin, allowing remote attackers to gain escalated privileges and view sensitive information (e.g., email, phone, usernames). Reports from multiple ...

7.5CVSS7.5AI score0.0352EPSS
In wildExploits0References1Affected Software1
Rows per page
Query Builder