PT-2025-39464 · Unknown · Jeecg-Boot
Lucasg2G
·
Published
2025-09-25
·
Updated
2025-09-26
·
CVE-2025-10980
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
JeecgBoot versions through 3.8.2
Description
A security issue exists in JeecgBoot that allows for improper authorization. This is related to a file at
/sys/position/exportXls and an unknown function within it. The attack can be launched remotely, and the exploit has been publicly disclosed. The vendor was informed of the issue but did not respond.Recommendations
Update JeecgBoot to a version beyond 3.8.2.
Exploit
Fix
Improper Authorization
Incorrect Privilege Assignment
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Jeecg-Boot