CVE-2023-1741

Name of the Vulnerable Software and Affected Versions jeecg-boot version 3.5.0

Description A vulnerability was found in the file SysDictMapper.java of the component Sleep Command Handler, leading to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations For jeecg-boot version 3.5.0, consider disabling the Sleep Command Handler component or restricting access to the SysDictMapper.java file until a patch is available. As a temporary workaround, avoid using the functionality of the SysDictMapper.java file that is vulnerable to sql injection. At the moment, there is no information about a newer version that contains a fix for this vulnerability.