CVE-2025-8963 Information
Aug 15, 2025
cve
Description
A vulnerability was determined in jeecgboot JimuReport up to 2.1.1. Affected by this issue is some unknown functionality of the file /drag/onlDragDataSource/testConnection of the component Data Large Screen Template. The manipulation leads to deserialization. The attack may be launched remotely. The vendor response to the GitHub issue report is: \Modified next version updated.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Reference
https://github.com/jeecgboot/jimureport/issues/4010 https://github.com/jeecgboot/jimureport/issues/4010#issuecomment-3182053855 https://vuldb.com/?ctiid.319958 https://vuldb.com/?id.319958 https://vuldb.com/?submit.628028
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
LOW
Availability Impact
LOW
Base Score
LOW
Base Severity
6.3
Related CNNVD
CNNVD-202508-1635 (Published: 2025-08-14)
Share on: