Jeecg: Security Vulnerabilities
jeecg-boot v3.4.4 was discovered to contain an authenticated SQL injection vulnerability via the building block report component.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-03-06
An Insecure Permissions issue in jeecg-boot 2.4.5 allows unauthenticated remote attackers to gain escalated privilege and view sensitive information via the httptrace interface.
CVSS Score
7.5
EPSS Score
0.494
Published
2023-02-03
An Insecure Permissions issue in jeecg-boot 2.4.5 and earlier allows remote attackers to gain escalated privilege and view sensitive information via api uri: /sys/user/querySysUser?username=admin.
CVSS Score
7.5
EPSS Score
0.468
Published
2023-02-03
An Insecure Permissions issue in jeecg-boot 2.4.5 and earlier allows remote attackers to gain escalated privilege and view sensitive information via api uri: api uri:/sys/user/checkOnlyUser?username=admin.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-02-03
Jeecg-boot v3.4.4 was discovered to contain a SQL injection vulnerability via the component /sys/dict/queryTableData.
CVSS Score
9.8
EPSS Score
0.004
Published
2023-01-19
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/dict/queryTableData.
CVSS Score
5.3
EPSS Score
0.002
Published
2022-11-25
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/duplicate/check.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-11-25
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component updateNullByEmptyString.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-11-25
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/putRecycleBin.
CVSS Score
4.3
EPSS Score
0.0
Published
2022-11-25
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/deleteRecycleBin.
CVSS Score
4.3
EPSS Score
0.0
Published
2022-11-25