Codermy My-springsecurity-plus — known CVE vulnerabilities
Every CVE whose affected-product data names Codermy My-springsecurity-plus, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2024-40539 — CVSS 9.8 (critical): my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/user.
CVE-2024-40540 — CVSS 9.8 (critical): my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/dept.
CVE-2024-40541 — CVSS 9.8 (critical): my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at…
CVE-2024-40542 — CVSS 9.8 (critical): my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at…