Description
jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show interface.
Remediation
References
https://github.com/jeecgboot/jeecg-boot/issues/4976
Related Vulnerabilities
CVE-2015-8858 Vulnerability in npm package uglify-js
CVE-2023-37478 Vulnerability in npm package @pnpm/win-x64
CVE-2023-26470 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore
CVE-2023-34615 Vulnerability in maven package net.pwall.json:jsonutil
CVE-2023-24445 Vulnerability in maven package org.jenkins-ci.plugins:openid