JeecgBoot up to v 3.5.1 was discovered to contain a SQL injection vulnerability via the component queryTableDictItemsByCode
in method org.jeecg.modules.api.controller.SystemApiController
.
{ "nvd_published_at": "2023-06-19T06:15:09Z", "cwe_ids": [ "CWE-89" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2023-06-19T22:46:34Z" }