CVE-2023-41543

Name of the Vulnerable Software and Affected Versions jeecg-boot version 3.5.3

Description The issue allows remote attackers to escalate privileges and obtain sensitive information via the component /sys/replicate/check. This is a SQL injection vulnerability, which means that an attacker can inject malicious SQL code to manipulate the database and extract or modify sensitive data.

Recommendations For jeecg-boot version 3.5.3, consider disabling access to the /sys/replicate/check component until a patch is available. Additionally, restrict privileges to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.