CVE-2024-44677
Published
CVSS v3
9.8
CRITICAL
CVSS v2
N/A
Affected
2
PROJECTS
Description
eladmin v2.7 and before is vulnerable to Server-Side Request Forgery (SSRF) which allows an attacker to execute arbitrary code via the DatabaseController.java component.
eladmin jpa 版本:项目基于 Spring Boot 2.7.18、 Jpa、 Spring Security、Redis、Vue的前后端分离的后台管理系统,项目采用分模块开发方式, 权限控制采用 RBAC,支持数据字典与数据权限管理,支持一键生成前后端代码,支持动态路由
GitHubGitHub