PT-2026-29547 · Unknown · Jeecg-Boot

Published

2026-04-01

Updated

2026-04-02

CVE-2024-40489

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions jeecg boot versions 3.0.0 through 3.5.3

Description An injection issue exists in jeecg boot due to insufficient character filtering. This allows attackers to execute arbitrary code through crafted HTTP requests.

Recommendations Update jeecg boot to a version later than 3.5.3.

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2024-40489

Affected Products

Jeecg-Boot

PT-2026-29547 · Unknown · Jeecg-Boot

CVE-2024-40489

Weakness Enumeration

Related Identifiers

Affected Products

References · 4