VYPR
Critical severityNVD Advisory· Published Sep 22, 2023· Updated Sep 24, 2024

CVE-2023-40989

CVE-2023-40989

Description

SQL injection vulnerbility in jeecgboot jeecg-boot v 3.0, 3.5.3 that allows a remote attacker to execute arbitrary code via a crafted request to the report/jeecgboot/jmreport/queryFieldBySql component.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.jeecgframework.boot:jeecg-boot-commonMaven
< 3.6.03.6.0

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.