CVE-2024-40489
CRITICAL SEVERITYCVSS Score & Metrics
Base Score
9.8 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Description
There is an injection vulnerability in jeecg boot versions 3.0.0 to 3.5.3 due to lax character filtering, which allows attackers to execute arbitrary code on components through specially crafted HTTP requests.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-94
Source
NVD
Vendor
jeecg
Product
jeecg_boot
Discussion (0)
Add Comment
No comments yet. Be the first!