JeecgBoot v3.7.1 vulnerable to SQL injection via /onlDragDatasetHead/getTotalData

CVE-2024-48307

Currently unrated

Key Information:

Vendor: CVE Published:; 31 October 2024

Summary

JeecgBoot v3.7.1 was discovered to contain a SQL injection vulnerability via the component /onlDragDatasetHead/getTotalData.

References

https://github.com/jeecgboot

https://github.com/jeecgboot/JeecgBoot

https://github.com/jeecgboot/JeecgBoot/issues/7237

Timeline

Vulnerability published
Oct 31, 2024

Collectors

NVD Database

.