PT-2025-39462 · Unknown · Jeecg-Boot
Lucasg2G
·
Published
2025-09-25
·
Updated
2025-09-25
·
CVE-2025-10978
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
JeecgBoot versions through 3.8.2
Description
A security flaw exists in JeecgBoot related to improper authorization. The issue is located in an unknown function within the
/sys/user/exportXls file of the Filter Handler component. The flaw is exploitable remotely and the exploit has been publicly released. The vendor was contacted regarding this disclosure but did not respond.Recommendations
Update JeecgBoot to a version later than 3.8.2.
Exploit
Fix
Improper Authorization
Incorrect Privilege Assignment
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Jeecg-Boot