Описание
Jeesite 1.2.7 is affected by: SQL Injection. The impact is: sensitive information disclosure. The component is: updateProcInsIdByBusinessId() function in src/main/java/com.thinkgem.jeesite/modules/act/ActDao.java has SQL Injection vulnerability. The attack vector is: network connectivity,authenticated. The fixed version is: 4.0 and later.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:jeesite:jeesite:1.2.7:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00328
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
Jeesite 1.2.7 is affected by: SQL Injection. The impact is: sensitive information disclosure. The component is: updateProcInsIdByBusinessId() function in src/main/java/com.thinkgem.jeesite/modules/act/ActDao.java has SQL Injection vulnerability. The attack vector is: network connectivity,authenticated. The fixed version is: 4.0 and later.
EPSS
Процентиль: 55%
0.00328
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-89