jeecg-boot Sleep Command SysDictMapper.java sql injection
CVE-2023-1741
9.8CRITICAL
What is CVE-2023-1741?
A vulnerability exists in Jeecg-Boot 3.5.0, specifically within the Sleep Command Handler's SysDictMapper.java file. This issue allows for SQL injection attacks, which can be executed remotely. The exploit has been made public, potentially enabling attackers to manipulate database queries without proper authorization, posing significant risks to data integrity and confidentiality.
Affected Version(s)
jeecg-boot 3.5.0