Jeecg Boot
Monthly
Server-side request forgery in JeecgBoot 3.9.0's /sys/common/uploadImgByHttp endpoint allows authenticated attackers to manipulate the fileUrl parameter and make arbitrary HTTP requests from the vulnerable server. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification.
SQL injection in JeecgBoot versions up to 3.9.1 allows authenticated remote attackers to manipulate the keyword parameter in the dictionary loading endpoint, potentially enabling unauthorized data access or modification. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but can be executed over the network with low complexity.
JeecgBoot 3.9.1's RAG knowledge controller fails to properly validate ZIP file imports, allowing authenticated remote attackers to trigger unsafe deserialization with public exploit code available. The vulnerability requires authentication and complex attack execution but could enable information disclosure or integrity compromise. No patch is currently available from the vendor.
Path traversal in JeecgBoot's Retrieval-Augmented Generation Module (versions up to 3.9.0) allows authenticated remote attackers to access arbitrary files through manipulation of the filePath parameter in the /airag/knowledge/doc/edit endpoint. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early notification.
SQL injection in JeecgBoot 3.9.0's Online Report API endpoint allows authenticated remote attackers to manipulate the keyword parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification. An attacker with valid credentials can leverage this flaw to read, modify, or delete sensitive database information.
A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this vulnerability is the function getPositionUserList of the file /sys/position/getPositionUserList. This manipulation of the argument positionId causes improper authorization. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
A security flaw has been discovered in JeecgBoot up to 3.9.0. Affected is the function queryDepartPermission of the file /sys/permission/queryDepartPermission. The manipulation of the argument departId results in improper authorization. The attack can be launched remotely. This attack is characterized by high complexity. The exploitability is told to be difficult. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was identified in JeecgBoot up to 3.9.0. This impacts the function getParameterMap of the file /sys/sysDepartPermission/list. The manipulation of the argument departId leads to improper authorization. The attack can be initiated remotely. The attack's complexity is rated as high. The exploitability is said to be difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was determined in JeecgBoot up to 3.9.0. This affects an unknown function of the file /sys/sysDepartPermission/datarule/. Executing manipulation can lead to improper authorization. It is possible to launch the attack remotely. The attack requires a high level of complexity. The exploitability is reported as difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Improper authorization in JeecgBoot up to version 3.9.0 allows authenticated remote attackers to manipulate departId and roleId parameters in the /sys/sysDepartRole/datarule/ endpoint to disclose sensitive information. The vulnerability requires legitimate user access and high exploitation complexity, but publicly available exploit code exists and the vendor did not respond to early disclosure attempts.
Improper authorization in JeecgBoot up to version 3.9.0 allows authenticated remote attackers to access unauthorized department role data via manipulation of the departId parameter in the getDeptRoleList endpoint, resulting in information disclosure of sensitive role assignments. The vulnerability requires login credentials and high attack complexity but has publicly available exploit code; however, real-world exploitation risk remains minimal given the 0.03% EPSS score and authentication prerequisite.
A vulnerability was detected in JeecgBoot up to 3.9.0. This issue affects the function queryPageList of the file /sys/sysDepartRole/list. The manipulation of the argument deptId results in improper authorization. The attack can be executed remotely. A high complexity level is associated with this attack. The exploitability is assessed as difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
JeecgBoot versions up to 3.9.0 allow authenticated remote attackers to manipulate user session management through the SysUserOnlineController, resulting in unauthorized session access with low availability impact. Public exploit code is available, though the CVSS score of 2.1 reflects limited real-world risk due to the requirement for authenticated access and minimal impact scope. Active exploitation has not been confirmed in CISA KEV, and the EPSS score of 0.13% indicates low probability of widespread exploitation despite public POC availability.
Authentication bypass in JeecgBoot up to version 3.9.0 allows authenticated remote attackers to manipulate tenant ID arguments in the SysTenantController, resulting in improper authentication checks that grant unauthorized access to other tenants' data. The vulnerability has a low CVSS score of 2.1 but publicly available exploit code exists, suggesting active researcher interest despite minimal real-world impact signals (EPSS 0.32%, low severity scope). Exploitation requires prior authentication and produces only limited information disclosure within the multi-tenant architecture.
Jeecgboot versions 3.8.2 and earlier are affected by a path traversal vulnerability. The endpoint is /sys/comment/addFile. This vulnerability allows attackers to upload files with system-whitelisted extensions to the system directory /opt, instead of the /opt/upFiles directory specified by the web server.
Jeecgboot versions 3.8.2 and earlier are affected by a path traversal vulnerability. This vulnerability allows attackers to upload files with system-whitelisted extensions to the system directory /opt, instead of the /opt/upFiles directory specified by the web server.
A vulnerability classified as problematic was found in JeecgBoot up to 3.8.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Server-side request forgery in JeecgBoot 3.9.0's /sys/common/uploadImgByHttp endpoint allows authenticated attackers to manipulate the fileUrl parameter and make arbitrary HTTP requests from the vulnerable server. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification.
SQL injection in JeecgBoot versions up to 3.9.1 allows authenticated remote attackers to manipulate the keyword parameter in the dictionary loading endpoint, potentially enabling unauthorized data access or modification. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but can be executed over the network with low complexity.
JeecgBoot 3.9.1's RAG knowledge controller fails to properly validate ZIP file imports, allowing authenticated remote attackers to trigger unsafe deserialization with public exploit code available. The vulnerability requires authentication and complex attack execution but could enable information disclosure or integrity compromise. No patch is currently available from the vendor.
Path traversal in JeecgBoot's Retrieval-Augmented Generation Module (versions up to 3.9.0) allows authenticated remote attackers to access arbitrary files through manipulation of the filePath parameter in the /airag/knowledge/doc/edit endpoint. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early notification.
SQL injection in JeecgBoot 3.9.0's Online Report API endpoint allows authenticated remote attackers to manipulate the keyword parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification. An attacker with valid credentials can leverage this flaw to read, modify, or delete sensitive database information.
A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this vulnerability is the function getPositionUserList of the file /sys/position/getPositionUserList. This manipulation of the argument positionId causes improper authorization. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
A security flaw has been discovered in JeecgBoot up to 3.9.0. Affected is the function queryDepartPermission of the file /sys/permission/queryDepartPermission. The manipulation of the argument departId results in improper authorization. The attack can be launched remotely. This attack is characterized by high complexity. The exploitability is told to be difficult. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was identified in JeecgBoot up to 3.9.0. This impacts the function getParameterMap of the file /sys/sysDepartPermission/list. The manipulation of the argument departId leads to improper authorization. The attack can be initiated remotely. The attack's complexity is rated as high. The exploitability is said to be difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was determined in JeecgBoot up to 3.9.0. This affects an unknown function of the file /sys/sysDepartPermission/datarule/. Executing manipulation can lead to improper authorization. It is possible to launch the attack remotely. The attack requires a high level of complexity. The exploitability is reported as difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Improper authorization in JeecgBoot up to version 3.9.0 allows authenticated remote attackers to manipulate departId and roleId parameters in the /sys/sysDepartRole/datarule/ endpoint to disclose sensitive information. The vulnerability requires legitimate user access and high exploitation complexity, but publicly available exploit code exists and the vendor did not respond to early disclosure attempts.
Improper authorization in JeecgBoot up to version 3.9.0 allows authenticated remote attackers to access unauthorized department role data via manipulation of the departId parameter in the getDeptRoleList endpoint, resulting in information disclosure of sensitive role assignments. The vulnerability requires login credentials and high attack complexity but has publicly available exploit code; however, real-world exploitation risk remains minimal given the 0.03% EPSS score and authentication prerequisite.
A vulnerability was detected in JeecgBoot up to 3.9.0. This issue affects the function queryPageList of the file /sys/sysDepartRole/list. The manipulation of the argument deptId results in improper authorization. The attack can be executed remotely. A high complexity level is associated with this attack. The exploitability is assessed as difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
JeecgBoot versions up to 3.9.0 allow authenticated remote attackers to manipulate user session management through the SysUserOnlineController, resulting in unauthorized session access with low availability impact. Public exploit code is available, though the CVSS score of 2.1 reflects limited real-world risk due to the requirement for authenticated access and minimal impact scope. Active exploitation has not been confirmed in CISA KEV, and the EPSS score of 0.13% indicates low probability of widespread exploitation despite public POC availability.
Authentication bypass in JeecgBoot up to version 3.9.0 allows authenticated remote attackers to manipulate tenant ID arguments in the SysTenantController, resulting in improper authentication checks that grant unauthorized access to other tenants' data. The vulnerability has a low CVSS score of 2.1 but publicly available exploit code exists, suggesting active researcher interest despite minimal real-world impact signals (EPSS 0.32%, low severity scope). Exploitation requires prior authentication and produces only limited information disclosure within the multi-tenant architecture.
Jeecgboot versions 3.8.2 and earlier are affected by a path traversal vulnerability. The endpoint is /sys/comment/addFile. This vulnerability allows attackers to upload files with system-whitelisted extensions to the system directory /opt, instead of the /opt/upFiles directory specified by the web server.
Jeecgboot versions 3.8.2 and earlier are affected by a path traversal vulnerability. This vulnerability allows attackers to upload files with system-whitelisted extensions to the system directory /opt, instead of the /opt/upFiles directory specified by the web server.
A vulnerability classified as problematic was found in JeecgBoot up to 3.8.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.