Jeecg: >> Jeecg Boot Security Vulnerabilities
A Cross Site Scripting (XSS) vulnerabilitiy exits in jeecg-boot 3.0 in /jeecg-boot/jmreport/view with a mouseover event.
CVSS Score
6.1
EPSS Score
0.003
Published
2022-03-10
Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /jeecg-boot/sys/user/queryUserByDepId.
CVSS Score
9.8
EPSS Score
0.01
Published
2022-02-16
Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /sys/user/queryUserComponentData.
CVSS Score
9.8
EPSS Score
0.01
Published
2022-02-16
In JeecgBoot 3.0, there is a SQL injection vulnerability that can operate the database with root privileges.
CVSS Score
9.8
EPSS Score
0.008
Published
2022-01-25
An arbitrary file upload vulnerability in /jeecg-boot/sys/common/upload of jeecg-boot CMS 2.3 allows attackers to execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.059
Published
2021-08-06
A SQL injection vulnerability in /jeecg boot/sys/dict/loadtreedata of jeecg-boot CMS 2.3 allows attackers to access sensitive database information.
CVSS Score
7.5
EPSS Score
0.007
Published
2021-08-06
Page 3