JeecgBoot queryPageList function authorization issue vulnerability

JeecgBoot is a low-code development platform that fuses code generation and AI applications to help organizations rapidly achieve low-code development and build AI applications. JeecgBoot has an authorization issue vulnerability that originates from improper authorization of parameter deptId in t...

CVE-2025-15119

A vulnerability was detected in JeecgBoot up to 3.9.0. This issue affects the function queryPageList of the file /sys/sysDepartRole/list. The manipulation of the argument deptId results in improper authorization. The attack can be executed remotely. A high complexity level is associated with this...

CVE-2025-15119 JeecgBoot list queryPageList improper authorization

A vulnerability was detected in JeecgBoot up to 3.9.0. This issue affects the function queryPageList of the file /sys/sysDepartRole/list. The manipulation of the argument deptId results in improper authorization. The attack can be executed remotely. A high complexity level is associated with this...

CVE-2025-15119

Summary: CVE-2025-15119 affects JeecgBoot up to 3.9.0. The vulnerability lies in the function queryPageList of the file /sys/sysDepartRole/list, where manipulating the department identifier (deptId) enables improper authorization. This can be exploited remotely with high exploit complexity; explo...

PT-2025-53634

Name of the Vulnerable Software and Affected Versions JeecgBoot versions up to 3.9.0 Description A flaw exists in JeecgBoot that relates to improper authorization. This issue is present in the queryPageList function within the /sys/sysDepartRole/list file. Manipulation of the deptId argument can...