| शीर्षक | https://qiaoqiaoyun.com/ jeecgboot/jimureport 2.1.1 PostgreSQL JDBC RCE |
|---|
| विवरण | In the data large screen template of the JiMu Report BI large screen workbench, the /drag/onlDragDataSource/testConnection interface can be called by testing the data source configuration when adding a data source in the design. The backend does not impose any restrictions, resulting in an attacker constructing special connection parameters when connecting to the Postgre SQL database, ultimately leading to RCE. |
|---|
| स्रोत | ⚠️ https://github.com/jeecgboot/jimureport/issues/4010 |
|---|
| उपयोगकर्ता | jmx0hxq (UID 63891) |
|---|
| सबमिशन | 04/08/2025 04:29 AM (9 महीनों पहले) |
|---|
| संयम | 13/08/2025 06:07 PM (10 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 319958 [jeecgboot JimuReport तक 2.1.1 Data Large Screen Template testConnection अधिकार वृद्धि] |
|---|
| अंक | 19 |
|---|