CVE-2025-66913
Published
CVSS v3
9.8
CRITICAL
CVSS v2
N/A
Affected
1
PROJECT
Description
JimuReport thru version 2.1.3 is vulnerable to remote code execution when processing user-controlled H2 JDBC URLs. The application passes the attacker-supplied JDBC URL directly to the H2 driver, allowing the use of certain directives to execute arbitrary Java code. A different vulnerability than CVE-2025-10770.
免费的AI可视化报表。一句话描述需求,AI 自动生成报表与数据大屏;同时提供类 Excel 拖拽设计器,兼容 30 余种数据源,轻松应对各类复杂报表场景——帆软、Tableau 的高性价比开源替代。
GitHub