Unknown · Jeecg-Boot · CVE-2025-51825
Name of the Vulnerable Software and Affected Versions:
JeecgBoot versions 3.4.3 through 3.8.0
Description:
JeecgBoot versions 3.4.3 through 3.8.0 contain a SQL injection vulnerability in the `/jeecg-boot/online/cgreport/head/parseSql` endpoint. This vulnerability allows bypassing SQL blacklist restrictions.
Recommendations:
Update JeecgBoot to a version later than 3.8.0.