An Insecure Permissions issue in jeecg-boot 2.4.5 and earlier allows remote attackers to gain escalated privilege and view sensitive information via api uri: /sys/user/querySysUser?username=admin.
{ "nvd_published_at": "2023-02-03T18:15:00Z", "github_reviewed_at": "2023-02-04T00:30:23Z", "severity": "HIGH", "github_reviewed": true, "cwe_ids": [ "CWE-732" ] }