Description
jeecg-boot v3.5.1 was discovered to contain a SQL injection vulnerability via the title parameter at /sys/dict/loadTreeData.
Remediation
References
https://github.com/jeecgboot/jeecg-boot/issues/5173
Related Vulnerabilities
CVE-2023-34614 Vulnerability in maven package cc.plural:jsonij
CVE-2023-29509 Vulnerability in maven package org.xwiki.platform:xwiki-platform-flamingo-theme-ui
CVE-2021-44906 Vulnerability in maven package org.webjars.bowergithub.substack:minimist
CVE-2023-37466 Vulnerability in maven package org.webjars.npm:vm2