Zone1-Z/CVE-2023-40989

Releases0

SQL injection vulnerbility in jeecgboot jeecg-boot v. allows a remote attacker to execute arbitrary code via a crafted request to the report/jeecgboot/jmreport/queryFieldBySql component.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-40989 ↗	Sep 22, 2023Friday, 22 September 2023, 20:15	9.8 CRITICAL	—
SQL injection vulnerbility in jeecgboot jeecg-boot v 3.0, 3.5.3 that allows a remote attacker to execute arbitrary code via a crafted request to the report/jeecgboot/jmreport/queryFieldBySql component.