Niiiikoo

**Name of the Vulnerable Software and Affected Versions** JimuReport version 1.7.8 **Description** The issue allows an attacker to escalate privileges via a crafted GET request to the `/jeecg-boot/jmreport/dict/list` component. **Recommendations** For JimuReport version 1.7.8, consider restricting access to the `/jeecg-boot/jmreport/dict/list` component until a patch is available. Avoid using this component with untrusted input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.