Description
jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show interface.
Remediation
References
https://github.com/jeecgboot/jeecg-boot/issues/4976
Related Vulnerabilities
CVE-2017-16130 Vulnerability in npm package exxxxxxxxxxx
CVE-2018-3721 Vulnerability in npm package lodash
CVE-2019-5479 Vulnerability in npm package larvitbase-api
CVE-2014-0086 Vulnerability in maven package org.richfaces.core:richfaces-core-impl
CVE-2020-7611 Vulnerability in maven package io.micronaut:micronaut-http-client