org.jeecgframework.boot:jeecg-boot-common (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.jeecgframework.boot:jeecg-boot-common, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (8)
CVE-2023-41544 — CVSS 9.8 (critical): SSTI injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to execute arbitrary code via crafted HTTP request to the…
CVE-2023-38992 — CVSS 9.8 (critical): jeecg-boot v3.5.1 was discovered to contain a SQL injection vulnerability via the title parameter at /sys/dict/loadTreeData.
CVE-2023-40989 — CVSS 9.8 (critical): SQL injection vulnerbility in jeecgboot jeecg-boot v 3.0, 3.5.3 that allows a remote attacker to execute arbitrary code via a crafted…
CVE-2023-41542 — CVSS 9.8 (critical): SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information…
CVE-2023-41543 — CVSS 9.8 (critical): SQL injection vulnerability in jeecg-boot v3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the…
CVE-2024-57606 — CVSS 7.5 (high): SQL injection vulnerability in Beijing Guoju Information Technology Co., Ltd JeecgBoot v.3.7.2 allows a remote attacker to obtain sensitive…
CVE-2023-47467 — CVSS 6.5 (medium): Directory Traversal vulnerability in jeecg-boot v.3.6.0 allows a remote privileged attacker to obtain sensitive information via the file…
CVE-2023-1454 — CVSS 6.3 (medium): A vulnerability classified as critical has been found in jeecg-boot 3.5.0. This affects an unknown part of the file jmreport/qurestSql. The…