Description

In JeecgBoot 3.0, there is a SQL injection vulnerability that can operate the database with root privileges.

Remediation

References

https://github.com/jeecgboot/jeecg-boot/issues/3331

Related Vulnerabilities

CVE-2022-43435 Vulnerability in maven package org.jenkins-ci.plugins.plugin:fireline

CVE-2023-29204 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore

CVE-2023-40340 Vulnerability in maven package org.jenkins-ci.plugins:nodejs

CVE-2022-2216 Vulnerability in maven package org.webjars.npm:parse-url

CVE-2023-48711 Vulnerability in npm package google-translate-api-browser

Severity

Critical

Classification

CWE-89 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Issue Tracking Third Party Advisory