Jeecg Boot Security Vulnerabilities and Issues — Jeecg Boot CVE List

Lucene search

JeecgJeecg Boot

3 matches found

CVE•added 2023/12/30 4:15 a.m.•58 views

CVE-2023-41544

SSTI injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to execute arbitrary code via crafted HTTP request to the /jmreport/loadTableData component.

9.8CVSS9.7AI score0.17615EPSS

CVE•added 2023/12/30 2:15 a.m.•41 views

CVE-2023-41542

SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component.

9.8CVSS9.7AI score0.00227EPSS

CVE•added 2023/12/30 2:15 a.m.•38 views

CVE-2023-41543

SQL injection vulnerability in jeecg-boot v3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the component /sys/replicate/check.

9.8CVSS9.6AI score0.00968EPSS