Description
Jeecg boot up to v3.5.3 was discovered to contain a SQL injection vulnerability via the component /jeecg-boot/jmreport/show.
Remediation
References
https://github.com/jeecgboot/jeecg-boot/issues/5311
Related Vulnerabilities
CVE-2017-16168 Vulnerability in npm package wffserve
CVE-2016-0710 Vulnerability in maven package org.apache.portals.jetspeed-2:jetspeed-security
CVE-2020-5397 Vulnerability in maven package org.springframework:spring-webflux
CVE-2020-13410 Vulnerability in npm package aedes
CVE-2019-10747 Vulnerability in maven package org.webjars.npm:set-value