Garck3Ho

**Name of the Vulnerable Software and Affected Versions** jjeecg-boot version 3.5.0 **Description** The issue concerns an unauthorized arbitrary file upload in the `/jeecg-boot/jmreport/upload` interface. This allows for potential malicious file uploads without proper authorization. **Recommendations** For jjeecg-boot version 3.5.0, as a temporary workaround, consider disabling the `/jeecg-boot/jmreport/upload` interface until a patch is available. Restrict access to this interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.