CVE-2024-44676
Published
CVSS v3
4.8
MEDIUM
CVSS v2
N/A
Affected
2
PROJECTS
Description
eladmin v2.7 and before is vulnerable to Cross Site Scripting (XSS) which allows an attacker to execute arbitrary code via LocalStoreController. java.
eladmin jpa 版本:项目基于 Spring Boot 2.7.18、 Jpa、 Spring Security、Redis、Vue的前后端分离的后台管理系统,项目采用分模块开发方式, 权限控制采用 RBAC,支持数据字典与数据权限管理,支持一键生成前后端代码,支持动态路由
GitHubGitHub