6 matches found
CVE-2025-14908
CVE-2025-14908 affects JeecgBoot up to 3.9.0, with the vulnerability located in jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTenantController.java of the Multi-Tenant Management Module. Improper authentication results from manipulating the a...
PT-2025-52398
Name of the Vulnerable Software and Affected Versions JeecgBoot versions up to 3.9.0 Description A security flaw exists in JeecgBoot that allows for improper authentication. The issue is related to the manipulation of the ID argument within an unknown function in the file...
JeecgBoot Authorization Issues Vulnerability (CNVD-2025-23073)
JeecgBoot is an open source low-code development platform based on the code generator of Beijing National Torch Information Technology Co. A security vulnerability exists in JeecgBoot 3.8.2 and earlier versions, which stems from improper authorization of the ids parameter in the...
CVE-2025-10981 JeecgBoot exportXls improper authorization
A vulnerability was detected in JeecgBoot up to 3.8.2. This impacts an unknown function of the file /sys/tenant/exportXls. Performing manipulation results in improper authorization. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early abo...
CVE-2025-10977
CVE-2025-10977 affects JeecgBoot up to version 3.8.2. Affected is an unknown function in the file /sys/tenant/deleteBatch where manipulation of the ids argument leads to improper authorization. The vulnerability can be exploited remotely and is described with high attack complexity; exploits are ...
CVE-2025-10319
JeecgBoot is affected up to version 3.8.2 due to improper authorization in the Tenant Log Export component, specifically the /sys/tenant/exportLog path. A remote attack is possible and the exploit has been publicly released. Multiple sources (Red Hat, CNNVD, PT Security, CVE records) corroborate ...