Description
JeecgBoot up to v 3.5.1 was discovered to contain a SQL injection vulnerability via the component queryTableDictItemsByCode at org.jeecg.modules.api.controller.SystemApiController.
Remediation
References
https://github.com/jeecgboot/jeecg-boot/issues/4983
Related Vulnerabilities
CVE-2021-43571 Vulnerability in npm package starkbank-ecdsa
CVE-2023-43643 Vulnerability in maven package org.owasp.antisamy:antisamy
CVE-2022-25857 Vulnerability in maven package org.yaml:snakeyaml
CVE-2012-5784 Vulnerability in maven package axis:axis
CVE-2017-1000427 Vulnerability in maven package org.webjars.npm:marked