Description
jeecg-boot v3.5.1 was discovered to contain a SQL injection vulnerability via the title parameter at /sys/dict/loadTreeData.
Remediation
References
https://github.com/jeecgboot/jeecg-boot/issues/5173
Related Vulnerabilities
CVE-2023-28155 Vulnerability in maven package org.webjars:request
CVE-2023-33201 Vulnerability in maven package org.bouncycastle:bcprov-ext-jdk18on
CVE-2021-25933 Vulnerability in maven package org.opennms:opennms-webapp
CVE-2010-5312 Vulnerability in npm package jquery-ui
CVE-2021-43859 Vulnerability in maven package com.thoughtworks.xstream:xstream