Описание
Insecure Permissions issue in jeecg-boot
An Insecure Permissions issue in jeecg-boot 2.4.5 and earlier allows remote attackers to gain escalated privilege and view sensitive information via api uri: api uri:/sys/user/checkOnlyUser?username=admin.
Пакеты
Наименование
org.jeecgframework.boot:jeecg-boot-base
maven
Затронутые версииВерсия исправления
<= 2.4.5
Отсутствует
Связанные уязвимости
CVSS3: 7.5
nvd
около 3 лет назад
An Insecure Permissions issue in jeecg-boot 2.4.5 and earlier allows remote attackers to gain escalated privilege and view sensitive information via api uri: api uri:/sys/user/checkOnlyUser?username=admin.