CVE-2025-15123

Name of the Vulnerable Software and Affected Versions JeecgBoot versions up to 3.9.0

Description A flaw exists in JeecgBoot that could lead to improper authorization. This issue affects an unknown function within the /sys/sysDepartPermission/datarule/ file. Remote attackers may be able to exploit this by executing manipulation. The attack is reported to have high complexity and difficult exploitability. The exploit has been publicly disclosed.

Recommendations Versions prior to 3.9.0 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.