CVE-2023-34660

Published: Jun 16, 2023
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-34660" target="_blank" rel="noopener"> CVE-2023-34660
GHSA: <a href="https://github.com/advisories/GHSA-jf2f-hvxx-4rqx" target="_blank" rel="noopener"> GHSA-jf2f-hvxx-4rqx
Severity: Medium
Exploit:

jjeecg-boot V3.5.0 has an unauthorized arbitrary file upload in /jeecg-boot/jmreport/upload interface.

CVSS v3:

CWEs:

Software	From	Fixed in
org.jeecgframework.boot / jeecg-boot-parent	-	3.5.0.x
jeecg / jeecg_boot	3.5.0	3.5.0.x
jeecg / jeecg_boot	3.5.1	3.5.1.x

Vulnerability Database