Description
jjeecg-boot V3.5.0 has an unauthorized arbitrary file upload in /jeecg-boot/jmreport/upload interface.
Remediation
References
https://github.com/jeecgboot/jeecg-boot/issues/4990
Related Vulnerabilities
CVE-2019-16869 Vulnerability in maven package io.netty:netty-all
CVE-2023-45277 Vulnerability in maven package org.yamcs:yamcs-core
CVE-2018-16487 Vulnerability in npm package lodash.mergewith
CVE-2023-29521 Vulnerability in maven package org.xwiki.platform:xwiki-platform-vfs-ui
CVE-2023-40809 Vulnerability in maven package org.opencrx:opencrx-core-models