com.mxpio:jeecg-boot-module-system is vulnerable to SQL injection attacks. An attacker is able to execute arbitrary SQL commands via id
and realname
parameters in queryUserByDepId
function.
CPE | Name | Operator | Version |
---|---|---|---|
jeecg-boot-module-system | eq | 2.2.3 | |
jeecg-boot-module-system | eq | 2.2.3 |