jeecgboot — Vulnerabilities & Security Advisories (7)

Browse all 7 CVE security advisories affecting jeecgboot. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Jeecgboot is a low-code development platform primarily used for building enterprise applications. Historically, it has been vulnerable to multiple security issues including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation vulnerabilities. The platform's CVE history shows consistent patterns of authentication bypass flaws and insufficient input validation. Jeecgboot has faced several critical security incidents, with its most recent vulnerabilities involving unsafe deserialization and improper access controls. Despite these issues, the platform remains popular in enterprise environments due to its rapid development capabilities, though organizations should implement strict security controls when deploying it.

Top products by jeecgboot: JimuReport, jeewx-boot
Medium · CVE-2024-XXXX · 2026-05-10
CVE_APPLY/V-009_mLogin_Captcha_Bypass at main · xpp3901/CVE_APPLY · GitHub
Critical · CVE-2024-9571 · 2026-05-08
CVE Submission — JeecgBoot SQL Injection via `_tableFilterSql` Parameter (UNION-based) · Issue #9571 · jeecgboot/JeecgBo
Unknown · 2026-05-02
[Security] Direct SSRF via uploadImgByHttp Endpoint in jeecgboot_JeecgBoot · Issue #9555 · jeecgboot/JeecgBoot
High · 2026-05-02
[Security] Direct SSRF via uploadImgByHttp Endpoint in jeecgboot_JeecgBoot · Issue #9555 · jeecgboot/JeecgBoot
High · 2026-05-02
[Security] Second-Order SSRF in jeecgboot_JeecgBoot · Issue #9553 · jeecgboot/JeecgBoot
High · 2026-05-02
[Security] Second-Order SSRF in jeecgboot_JeecgBoot · Issue #9553 · jeecgboot/JeecgBoot
Critical · 2026-05-02
[Security] Second-Order SSRF via OpenApi Service in jeecgboot_JeecgBoot · Issue #9554 · jeecgboot/JeecgBoot
High · 2026-05-02
[Security] Second-Order SSRF via OpenApi Service in jeecgboot_JeecgBoot · Issue #9554 · jeecgboot/JeecgBoot
Critical · 2026-05-02
[Security] Remote Code Execution via Unsafe Reflection in jeecgboot_JeecgBoot · Issue #9552 · jeecgboot/JeecgBoot
Critical · 2026-05-02
[Security] Remote Code Execution via Unsafe Reflection in jeecgboot_JeecgBoot · Issue #9552 · jeecgboot/JeecgBoot
High · 2026-05-01
Stored XSS Vulnerability in msgContent Parameter of /a/msg/msgInner/save Endpoint · Issue #528 · thinkgem/jeesite
Critical · 2026-05-01
Path Traversal Vulnerability in fileEntityId Parameter of /a/file/upload Endpoint · Issue #529 · thinkgem/jeesite
High · 2026-05-01
Path Traversal Vulnerability in fileMd5 Parameter of /a/file/upload Endpoint · Issue #530 · thinkgem/jeesite
High · 2026-04-29
[security] SQL Injection in /sys/dict/loadDict/{dictCode} via unsafe keyword concatenation (Jeecg Boot <= v3.9.1) · Issue
Unknown · 2026-04-29
fix: Fix SQL injection vulnerability in the keyword parameter of the dictionary search endpoint (#9491) · jeecgai/JeecgBoot@a9c8e8e · GitHub
Critical · 2026-04-10
jimureport BI Dashboard Datasource H2 JDBC RCE Vulnerability (≤ v2.3.0) · Issue #4587 · jeecgboot/jimureport
Critical · 2026-04-10
jimureport BI Dashboard Datasource H2 JDBC RCE Vulnerability (≤ v2.3.0) · Issue #4587 · jeecgboot/jimureport
Critical · 2026-04-06
Unauthenticated Sensitive Tool Loading in AI Chat Interface · Issue #9464 · jeecgboot/JeecgBoot
Critical · 2026-01-20
jimureport H2 JDBC RCE Vulnerability (≤ v2.1.3) · Issue #4306 · jeecgboot/jimureport

Showing up to 20 recent security advisories.

This page lists every published CVE security advisory associated with jeecgboot. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.