SQL Injection Vulnerability in Jeecg-Boot by Jeecg
CVE-2023-41542
9.8CRITICAL
What is CVE-2023-41542?
A SQL injection vulnerability exists in Jeecg-Boot version 3.5.3, specifically in the jmreport/qurestSql component. This security flaw can allow remote attackers to manipulate database queries, potentially leading to unauthorized privilege escalation and access to sensitive information. Promptly updating your Jeecg-Boot version is vital to mitigate this security risk.