Description
Jeecg boot up to v3.5.3 was discovered to contain an arbitrary file read vulnerability via the interface /testConnection.
Remediation
References
https://github.com/Snakinya/Bugs/issues/1
Related Vulnerabilities
CVE-2020-11991 Vulnerability in maven package org.apache.cocoon:cocoon-core
CVE-2018-5673 Vulnerability in maven package org.dojotoolkit:dojo
CVE-2023-37899 Vulnerability in npm package @feathersjs/transport-commons
CVE-2022-22881 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-base