CNNVD-202508-1635 Information
Aug 14, 2025
cve
CNNVD ID
CNNVD-202508-1635
Related CVE
- CNNVD Published: 2025-08-14
Description (Chinese)
JimuReport是中国JEECG开源的一个免费报表工具。 JimuReport 2.1.1及之前版本存在代码问题漏洞,该漏洞源于文件/drag/onlDragDataSource/testConnection的错误操作导致反序列化。
Description (English)
JimuReport is a free-of-charge reporting tool for JeECG in China. There is a code gap in JimuReport 2.1.1 and earlier versions, which stems from the error of the document/drag/onlDragDaratasource/testConnect leading to inverse sequenceization.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
国炬
Published
2025-08-14
Last Modified
2026-02-24
References
https://github.com/jeecgboot/jimureport/issues/4010#issuecomment-3182053855 https://vuldb.com/?id.319958 https://vuldb.com/?submit.628028 https://vuldb.com/?ctiid.319958 https://nvd.nist.gov/vuln/detail/CVE-2025-8963