Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2023-33510 Vulnerability in maven package org.jeecgframework.p3:jeecg-p3-biz-chat

Description

Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters.

Remediation

References

https://carl1l.github.io/2023/05/08/jeecg-p3-biz-chat-1-0-5-jar-has-arbitrary-file-read-vulnerability/

Related Vulnerabilities

CVE-2018-20059 Vulnerability in maven package ro.pippo:pippo-jaxb

CVE-2022-21653 Vulnerability in maven package org.typelevel:jawn-parser_3

CVE-2023-29210 Vulnerability in maven package org.xwiki.platform:xwiki-platform-notifications-ui

CVE-2020-7766 Vulnerability in maven package org.webjars.npm:json-ptr

CVE-2022-45391 Vulnerability in maven package io.jenkins.plugins:cavisson-ns-nd-integration

Severity

High

Classification

CWE-668 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Exploit Third Party Advisory