CNNVD-202510-017 Information
Oct 01, 2025
cve
CNNVD ID
CNNVD-202510-017
Related CVE
- CNNVD Published: 2025-10-01
Description (Chinese)
JeecgBoot是中国国炬(Jeecg)公司的一个适用于企业 Web 应用程序的 Java 低代码平台。 JeecgBoot 3.8.2及之前版本存在安全漏洞,该漏洞源于路径遍历,可能导致攻击者上传文件到系统目录。
Description (English)
JeecgBoot is a Java low-code platform for the enterprise Web application of Jeecg. JeecgBoot 3.8.2 and previous versions had a security loophole, which stemmed from the routing that could lead to the attackers uploading documents to the system directory.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
国炬
Published
2025-10-01
Last Modified
2026-02-24
References
https://github.com/jeecgboot/JeecgBoot/issues/8826
Patch
https://github.com/jeecgboot/JeecgBoot/releases
Share on: