Jeecg-boot is vulnerable to SQL injection
Critical severity
GitHub Reviewed
Published
Jan 19, 2023
to the GitHub Advisory Database
•
Updated Jan 26, 2023
Description
Published by the National Vulnerability Database
Jan 19, 2023
Published to the GitHub Advisory Database
Jan 19, 2023
Reviewed
Jan 20, 2023
Last updated
Jan 26, 2023
Jeecg-boot v3.4.4 was discovered to contain a SQL injection vulnerability via the component
/sys/dict/queryTableData. A patch was released in commit 0fc374.References