Description
jjeecg-boot V3.5.0 has an unauthorized arbitrary file upload in /jeecg-boot/jmreport/upload interface.
Remediation
References
https://github.com/jeecgboot/jeecg-boot/issues/4990
Related Vulnerabilities
CVE-2020-7645 Vulnerability in npm package chrome-launcher
CVE-2020-7680 Vulnerability in maven package org.webjars.npm:docsify
CVE-2019-10748 Vulnerability in npm package sequelize
CVE-2022-0272 Vulnerability in maven package io.gitlab.arturbosch.detekt:detekt-core
CVE-2010-5312 Vulnerability in maven package org.fujion.webjars:jquery-ui