CNNVD-202601-1400 Information
Jan 08, 2026
cve
CNNVD ID
CNNVD-202601-1400
Related CVE
- CNNVD Published: 2026-01-08
Description (Chinese)
JimuReport是中国JEECG开源的一个免费报表工具。 JimuReport 2.1.3及之前版本存在安全漏洞,该漏洞源于处理用户控制的H2 JDBC URL时未经验证,可能导致远程代码执行。
Description (English)
JimuReport is a free-of-charge reporting tool for JeECG in China. There is a security loophole in JimuReport 2.1.3 and earlier versions, which stems from unverified processing of user-controlled H2 JDBC URLs, which may result in remote code implementation.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
国炬
Published
2026-01-08
Last Modified
2026-02-24
References
https://gist.github.com/Catherines77/f15d53e9705b24cf018e5bffed3e8234 https://github.com/jeecgboot/jimureport/issues/4306
Patch
https://github.com/jeecgboot/jimureport/releases
Share on: