Deserialization of Untrusted Data in jeecgFormDemoController in JEECG 4.0 and earlier allows attackers to run arbitrary code via crafted POST request.
CVSS Score
9.8
EPSS Score
0.657
Published
2024-01-03