Key Vulnerability Information Title: JeecgBoot 3.9.0 Improper Control of Resource Identifiers Description: Vulnerability: Tenant Privilege Escalation API Endpoint: GET Issue: The API query does not validate the Tenant ID, allowing users to access department role lists without proper validation. Submit Details: Contributor: huangweigang Impact Scope: Affected Product: JeecgBoot (latest version) Vulnerable Endpoint: (Get Department Role List API) Code Analysis: Controller File: Route and Method: - - Key Code Lines (183-191): Problem Points: Lack of tenant validation, allowing unauthorized access.