SQL Injection Vulnerability in Jeecg-Boot by Jeecg

CVE-2023-41542

What is CVE-2023-41542?

A SQL injection vulnerability exists in Jeecg-Boot version 3.5.3, specifically in the jmreport/qurestSql component. This security flaw can allow remote attackers to manipulate database queries, potentially leading to unauthorized privilege escalation and access to sensitive information. Promptly updating your Jeecg-Boot version is vital to mitigate this security risk.

References