CVE-2025-45618

Name of the Vulnerable Software and Affected Versions jeeweb-mybatis-springboot version 0.0.1.RELEASE

Description The issue is related to incorrect access control in the component /admin/sys/datasource/ajaxList of jeeweb-mybatis-springboot, allowing attackers to access sensitive information via a crafted payload. This can lead to unauthorized information disclosure.

Recommendations For jeeweb-mybatis-springboot version 0.0.1.RELEASE, consider restricting access to the /admin/sys/datasource/ajaxList endpoint until a patch is available. As a temporary workaround, limit the exposure of sensitive information by implementing additional security controls. At the moment, there is no information about a newer version that contains a fix for this vulnerability.