jjeecg-boot V3.5.0 has an unauthorized arbitrary file upload in /jeecg-boot/jmreport/upload interface.
References
Link | Resource |
---|---|
https://github.com/jeecgboot/jeecg-boot/issues/4990 | Exploit |
Configurations
Configuration 1 (hide)
|
History
23 Jun 2023, 21:24
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
CWE | CWE-434 | |
First Time |
Jeecg jeecg Boot
Jeecg |
|
CPE | cpe:2.3:a:jeecg:jeecg_boot:3.5.1:*:*:*:*:*:*:* cpe:2.3:a:jeecg:jeecg_boot:3.5.0:*:*:*:*:*:*:* |
|
References | (MISC) https://github.com/jeecgboot/jeecg-boot/issues/4990 - Exploit |
16 Jun 2023, 18:24
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-16 18:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-34660
Mitre link : CVE-2023-34660
CVE.ORG link : CVE-2023-34660
JSON object : View
Products Affected
jeecg
- jeecg_boot
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type