CVE-2023-34659

Published: Jun 16, 2023
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-34659" target="_blank" rel="noopener"> CVE-2023-34659
GHSA: <a href="https://github.com/advisories/GHSA-934g-fvcc-4833" target="_blank" rel="noopener"> GHSA-934g-fvcc-4833
Severity: Critical
Exploit:

jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show interface.

CVSS v3:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
jeecg / jeecg_boot	3.5.0	3.5.0.x
jeecg / jeecg_boot	3.5.1	3.5.1.x
org.jeecgframework.boot / jeecg-boot-parent	3.5.0	3.5.1.x

Vulnerability Database