Jeecg

Jeecg Boot

55 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2026-2945

Exploit
  • EPSS 0.03%
  • Veröffentlicht 22.02.2026 13:16:12
  • Zuletzt bearbeitet 03.03.2026 00:24:46

A weakness has been identified in JeecgBoot 3.9.0. Affected by this vulnerability is an unknown functionality of the file /sys/common/uploadImgByHttp. Executing a manipulation of the argument fileUrl can lead to server-side request forgery. The attac...

8.8

CVE-2026-2822

Exploit
  • EPSS 0.03%
  • Veröffentlicht 20.02.2026 04:32:10
  • Zuletzt bearbeitet 24.02.2026 20:45:10

A security vulnerability has been detected in JeecgBoot up to 3.9.1. The affected element is an unknown function of the file /jeecgboot/sys/dict/loadDict/airag_app,1,create_by of the component Backend Interface. Such manipulation of the argument keyw...

7.5

CVE-2026-2555

Exploit
  • EPSS 0.04%
  • Veröffentlicht 16.02.2026 12:16:22
  • Zuletzt bearbeitet 18.02.2026 21:43:53

A weakness has been identified in JeecgBoot 3.9.1. This vulnerability affects the function importDocumentFromZip of the file org/jeecg/modules/airag/llm/controller/AiragKnowledgeController.java of the component Retrieval-Augmented Generation. Executi...

4.3

CVE-2026-2111

Exploit
  • EPSS 0.07%
  • Veröffentlicht 07.02.2026 20:32:09
  • Zuletzt bearbeitet 03.03.2026 00:20:04

A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this issue is some unknown functionality of the file /airag/knowledge/doc/edit of the component Retrieval-Augmented Generation Module. Executing a manipulation of the argument fileP...

8.8

CVE-2026-1746

Exploit
  • EPSS 0.01%
  • Veröffentlicht 02.02.2026 05:32:10
  • Zuletzt bearbeitet 10.02.2026 17:43:15

A vulnerability was identified in JeecgBoot 3.9.0. This vulnerability affects unknown code of the file /JeecgBoot/sys/api/loadDictItemByKeyword of the component Online Report API. Such manipulation of the argument keyword leads to sql injection. The ...

7.5

CVE-2025-15126

Exploit
  • EPSS 0.04%
  • Veröffentlicht 28.12.2025 07:32:06
  • Zuletzt bearbeitet 30.12.2025 19:13:59

A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this vulnerability is the function getPositionUserList of the file /sys/position/getPositionUserList. This manipulation of the argument positionId causes improper authorization. The...

3.1

CVE-2025-15125

Exploit
  • EPSS 0.04%
  • Veröffentlicht 28.12.2025 07:15:53
  • Zuletzt bearbeitet 30.12.2025 19:04:05

A security flaw has been discovered in JeecgBoot up to 3.9.0. Affected is the function queryDepartPermission of the file /sys/permission/queryDepartPermission. The manipulation of the argument departId results in improper authorization. The attack ca...

3.1

CVE-2025-15124

Exploit
  • EPSS 0.04%
  • Veröffentlicht 28.12.2025 06:32:06
  • Zuletzt bearbeitet 30.12.2025 19:05:30

A vulnerability was identified in JeecgBoot up to 3.9.0. This impacts the function getParameterMap of the file /sys/sysDepartPermission/list. The manipulation of the argument departId leads to improper authorization. The attack can be initiated remot...

3.1

CVE-2025-15123

Exploit
  • EPSS 0.04%
  • Veröffentlicht 28.12.2025 06:02:05
  • Zuletzt bearbeitet 30.12.2025 19:05:39

A vulnerability was determined in JeecgBoot up to 3.9.0. This affects an unknown function of the file /sys/sysDepartPermission/datarule/. Executing manipulation can lead to improper authorization. It is possible to launch the attack remotely. The att...

3.1

CVE-2025-15122

Exploit
  • EPSS 0.04%
  • Veröffentlicht 28.12.2025 05:16:05
  • Zuletzt bearbeitet 30.12.2025 19:05:48

A vulnerability was found in JeecgBoot up to 3.9.0. The impacted element is the function loadDatarule of the file /sys/sysDepartRole/datarule/. Performing manipulation of the argument departId/roleId results in improper authorization. It is possible ...