Description

A vulnerability was found in jeecg-boot 3.5.0 and classified as critical. This issue affects some unknown processing of the component API Documentation. The manipulation leads to improper authentication. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224699.

Remediation

References

https://note.youdao.com/ynoteshare/index.html?id=7eb8fc804ea3544d8add43749a09173e

https://vuldb.com/?ctiid.224699

https://vuldb.com/?id.224699

Related Vulnerabilities

CVE-2020-36184 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind

CVE-2023-26487 Vulnerability in npm package vega

CVE-2016-9487 Vulnerability in maven package org.idpf:epubcheck

CVE-2021-33623 Vulnerability in npm package trim-newlines

CVE-2018-12432 Vulnerability in maven package net.bull.javamelody:javamelody-core

Severity

Critical

Classification

CWE-287 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Broken Link Permissions Required Third Party Advisory