Description

A vulnerability was found in jeecg-boot 3.5.0 and classified as critical. This issue affects some unknown processing of the component API Documentation. The manipulation leads to improper authentication. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224699.

Remediation

References

https://note.youdao.com/ynoteshare/index.html?id=7eb8fc804ea3544d8add43749a09173e

https://vuldb.com/?ctiid.224699

https://vuldb.com/?id.224699

Related Vulnerabilities

CVE-2020-1938 Vulnerability in maven package org.apache.tomcat:tomcat-util

CVE-2020-2278 Vulnerability in maven package org.jenkins-ci.plugins:storable-configs-plugin

CVE-2022-39368 Vulnerability in maven package org.eclipse.californium:scandium

CVE-2019-10392 Vulnerability in maven package org.jenkins-ci.plugins:git-client

CVE-2019-12041 Vulnerability in npm package remarkable

Severity

Critical

Classification

CWE-287 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Broken Link Permissions Required Third Party Advisory