Jeecg: >> Jeecg Boot >> 3.4.4 Security Vulnerabilities
Jeecg boot up to v3.5.3 was discovered to contain a SQL injection vulnerability via the component /jeecg-boot/jmreport/show.
CVSS Score
9.8
EPSS Score
0.005
Published
2023-09-08
SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-08-17
Jeecg-boot v3.4.4 was discovered to contain a SQL injection vulnerability via the component /sys/dict/queryTableData.
CVSS Score
9.8
EPSS Score
0.011
Published
2023-01-19
Page 4