Lucene search
+L

6 matches found

CVE
CVE
added 2025/12/19 12:32 a.m.24 views

CVE-2025-14908

CVE-2025-14908 affects JeecgBoot up to 3.9.0, with the vulnerability located in jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTenantController.java of the Multi-Tenant Management Module. Improper authentication results from manipulating the a...

8.1CVSS6.4AI score0.00303EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/19 12:0 a.m.10 views

PT-2025-52398

Name of the Vulnerable Software and Affected Versions JeecgBoot versions up to 3.9.0 Description A security flaw exists in JeecgBoot that allows for improper authentication. The issue is related to the manipulation of the ID argument within an unknown function in the file...

8.1CVSS6.1AI score0.00303EPSS
Exploits1References10
CNVD
CNVD
added 2025/09/28 12:0 a.m.6 views

JeecgBoot Authorization Issues Vulnerability (CNVD-2025-23073)

JeecgBoot is an open source low-code development platform based on the code generator of Beijing National Torch Information Technology Co. A security vulnerability exists in JeecgBoot 3.8.2 and earlier versions, which stems from improper authorization of the ids parameter in the...

5.3CVSS7AI score0.00358EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/09/26 12:2 a.m.15 views

CVE-2025-10981 JeecgBoot exportXls improper authorization

A vulnerability was detected in JeecgBoot up to 3.8.2. This impacts an unknown function of the file /sys/tenant/exportXls. Performing manipulation results in improper authorization. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early abo...

5.3CVSS0.00368EPSS
Exploits1References4
CVE
CVE
added 2025/09/25 10:32 p.m.26 views

CVE-2025-10977

CVE-2025-10977 affects JeecgBoot up to version 3.8.2. Affected is an unknown function in the file /sys/tenant/deleteBatch where manipulation of the ids argument leads to improper authorization. The vulnerability can be exploited remotely and is described with high attack complexity; exploits are ...

5.3CVSS4AI score0.00358EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2025/09/12 3:2 p.m.22 views

CVE-2025-10319

JeecgBoot is affected up to version 3.8.2 due to improper authorization in the Tenant Log Export component, specifically the /sys/tenant/exportLog path. A remote attack is possible and the exploit has been publicly released. Multiple sources (Red Hat, CNNVD, PT Security, CVE records) corroborate ...

6.5CVSS6.3AI score0.00298EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder