Vulnerabilities > Jeecg > Jeecg > 3.4.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-03 | CVE-2023-49442 | Deserialization of Untrusted Data vulnerability in Jeecg Deserialization of Untrusted Data in jeecgFormDemoController in JEECG 4.0 and earlier allows attackers to run arbitrary code via crafted POST request. | 9.8 |
2023-03-06 | CVE-2023-24789 | SQL Injection vulnerability in Jeecg 3.4.4 jeecg-boot v3.4.4 was discovered to contain an authenticated SQL injection vulnerability via the building block report component. | 8.8 |