CVE-2024-40489

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Apr 01, 2026

Vendor unknown

Description

There is an injection vulnerability in jeecg boot versions 3.0.0 to 3.5.3 due to lax character filtering, which allows attackers to execute arbitrary code on components through specially crafted HTTP requests.

References

https://gist.github.com/aqyoung/2fd6329ceb06b731a621356921f0d5f0
https://pan.baidu.com/s/14WOPXhRHoxr4FRKGme59ug?pwd=sktp