Description
JeecgBoot up to v 3.5.1 was discovered to contain a SQL injection vulnerability via the component queryFilterTableDictInfo at org.jeecg.modules.api.controller.SystemApiController.
Remediation
References
https://github.com/jeecgboot/jeecg-boot/issues/4984
Related Vulnerabilities
CVE-2023-6393 Vulnerability in maven package io.quarkus:quarkus-cache
CVE-2023-20861 Vulnerability in maven package org.springframework:spring-expression
CVE-2022-42004 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2023-28462 Vulnerability in maven package fish.payara.server:payara-aggregator