Vulnerabilities > Jeesite > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-06-22 CVE-2023-34601 SQL Injection vulnerability in Jeesite
Jeesite before commit 10742d3 was discovered to contain a SQL injection vulnerability via the component ${businessTable} at /act/ActDao.xml.
network
low complexity
jeesite CWE-89
critical
 9.8
9.8
2022-04-05 CVE-2020-19229 Deserialization of Untrusted Data vulnerability in Jeesite 1.2.7
Jeesite 1.2.7 uses the apache shiro version 1.2.3 affected by CVE-2016-4437.
network
low complexity
jeesite CWE-502
critical
 9.8
9.8