CVE-2023-1741 MEDIUM

CVE-2023-1741: jeecg-boot Sleep Command SysDictMapper.java sql injection

Vendor N/A

Product jeecg-boot

Weakness CWE-89 · SQLi

Published March 30, 2023

Last update August 2, 2024

View on NVD All CVEs

CVSS base score

4.3/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality None

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

What the vulnerability does

Description

A vulnerability was found in jeecg-boot 3.5.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file SysDictMapper.java of the component Sleep Command Handler. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-224629 was assigned to this vulnerability.

Key dates

Disclosure timeline

March 30, 2023 CVE published

August 2, 2024 Record updated