Description
Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /jeecg-boot/sys/user/queryUserByDepId.
Remediation
References
https://github.com/jeecgboot/jeecg-boot/issues/3347
Related Vulnerabilities
CVE-2022-35513 Vulnerability in npm package blink1control2
CVE-2023-31718 Vulnerability in npm package @frangoteam/fuxa
CVE-2021-23337 Vulnerability in maven package org.webjars.bowergithub.lodash:lodash
CVE-2020-12265 Vulnerability in maven package org.webjars.npm:decompress
CVE-2022-25878 Vulnerability in maven package org.webjars.npm:protobufjs