Antabot/White-Jotter

Antabot/White-Jotter

Releases1

Frequency

Last Release over 6 years ago

Stars2.54K

白卷是一款使用 Vue+Spring Boot 开发的前后端分离项目，附带全套开发教程。（A simple CMS developed by Spring Boot and Vue.js with development tutorials）

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-60803 ↗	Oct 24, 2025Friday, 24 October 2025, 16:26	9.8 CRITICAL	—
Antabot White-Jotter up to commit 9bcadc was discovered to contain an unauthenticated remote code execution (RCE) vulnerability via the component /api/aaa;/../register.
CVE-2025-8708 ↗	Aug 8, 2025Friday, 8 August 2025, 03:15	5 MEDIUM	4.6 MEDIUM
A vulnerability was found in Antabot White-Jotter 0.22. It has been declared as critical. This vulnerability affects the function CookieRememberMeManager of the file ShiroConfiguration.java of the component com.gm.wj.config.ShiroConfiguration. The manipulation with the input EVANNIGHTLY_WAOU leads to deserialization. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.
CVE-2023-29635 ↗	May 1, 2023Monday, 1 May 2023, 16:15	9.8 CRITICAL	—
File upload vulnerability in Antabot White-Jotter v0.2.2, allows remote attackers to execute malicious code via the file parameter to function coversUpload.