JeecgBoot v3.7.1 vulnerable to SQL injection via /onlDragDatasetHead/getTotalData
CVE-2024-48307

Currently unrated

Key Information:

Vendor: Jeecg
Status: Jeecg Boot
Vendor: CVE Published:; 31 October 2024

🔔 Create Jeecg Vulnerability Alert

What is CVE-2024-48307?

JeecgBoot v3.7.1 was discovered to contain a SQL injection vulnerability via the component /onlDragDatasetHead/getTotalData.

References

https://github.com/jeecgboot

https://github.com/jeecgboot/JeecgBoot

https://github.com/jeecgboot/JeecgBoot/issues/7237

EPSS Score

92% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 31, 2024

.