CNNVD-202508-744 Information

Aug 08, 2025 cve

CNNVD ID

CNNVD-202508-744

CVE-2025-8708

CNNVD Published: 2025-08-08

Description (Chinese)

White-Jotter是Antabot个人开发者的一款使用 Vue+Spring Boot 开发的前后端分离项目，附带全套开发教程。 White-Jotter 0.22版本存在安全漏洞，该漏洞源于组件com.gm.wj.config.ShiroConfiguration对输入EVANNIGHTLY_WAOU的不当处理导致反序列化，可能被远程攻击者利用。

Description (English)

White-Jotter is a front-end separation project developed by Antabot personal developers using Vue+Spring Boot, with a full development curriculum. Version 0.22 of White-Jotter contains a security loophole that originates from the inappropriate handling of the component co.gm.wj.config. ShiroConfiguration for the input of EVANNIGHTLY WAOU, resulting in a back-sequence that may be used by remote attackers.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-08-08

Last Modified

2026-02-24

References

https://github.com/Antabot/White-Jotter/issues/161 https://vuldb.com/?ctiid.319138 https://github.com/Antabot/White-Jotter/issues/161#issue-3254420874 https://vuldb.com/?id.319138 https://vuldb.com/?submit.621105 https://nvd.nist.gov/vuln/detail/CVE-2025-8708 https://access.redhat.com/security/cve/cve-2025-8708

Share on: