Description
Jeecg boot up to v3.5.3 was discovered to contain an arbitrary file read vulnerability via the interface /testConnection.
Remediation
References
https://github.com/Snakinya/Bugs/issues/1
Related Vulnerabilities
CVE-2021-20085 Vulnerability in npm package backbone-query-parameters
CVE-2020-28487 Vulnerability in maven package org.webjars.npm:vis-timeline
CVE-2013-4152 Vulnerability in maven package org.springframework:spring-oxm
CVE-2020-8158 Vulnerability in npm package typeorm
CVE-2016-4437 Vulnerability in maven package org.apache.shiro:shiro-core