Vulnerability Details CVE-2023-49442
Deserialization of Untrusted Data in jeecgFormDemoController in JEECG 4.0 and earlier allows attackers to run arbitrary code via crafted POST request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.657
EPSS Ranking 98.4%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2023-49442
-
cpe:2.3:a:jeecg:jeecg:-
-
cpe:2.3:a:jeecg:jeecg:2.0.2
-
cpe:2.3:a:jeecg:jeecg:2.1.0
-
cpe:2.3:a:jeecg:jeecg:2.1.1
-
cpe:2.3:a:jeecg:jeecg:2.1.2
-
cpe:2.3:a:jeecg:jeecg:2.1.3
-
cpe:2.3:a:jeecg:jeecg:2.1.4
-
cpe:2.3:a:jeecg:jeecg:2.2.0
-
cpe:2.3:a:jeecg:jeecg:2.2.1
-
cpe:2.3:a:jeecg:jeecg:2.3
-
cpe:2.3:a:jeecg:jeecg:2.3.0
-
cpe:2.3:a:jeecg:jeecg:2.4.0
-
cpe:2.3:a:jeecg:jeecg:2.4.1
-
cpe:2.3:a:jeecg:jeecg:2.4.2
-
cpe:2.3:a:jeecg:jeecg:2.4.3
-
cpe:2.3:a:jeecg:jeecg:2.4.5
-
cpe:2.3:a:jeecg:jeecg:2.4.6
-
cpe:2.3:a:jeecg:jeecg:3.0
-
cpe:2.3:a:jeecg:jeecg:3.0.0
-
cpe:2.3:a:jeecg:jeecg:3.1.0
-
cpe:2.3:a:jeecg:jeecg:3.2.0
-
cpe:2.3:a:jeecg:jeecg:3.3.0
-
cpe:2.3:a:jeecg:jeecg:3.4.0
-
cpe:2.3:a:jeecg:jeecg:3.4.2
-
cpe:2.3:a:jeecg:jeecg:3.4.3
-
cpe:2.3:a:jeecg:jeecg:3.4.4
-
cpe:2.3:a:jeecg:jeecg:3.8
-
cpe:2.3:a:jeecg:jeecg:4.0