Submission #628028: https://qiaoqiaoyun.com/ jeecgboot/jimureport 2.1.1 PostgreSQL JDBC RCE

Title: https://qiaoqiaoyun.com/ jeecgboot/jimureport 2.1.1 PostgreSQL JDBC RCE
Description: In the data large screen template of the JiMu Report BI large screen workbench, the /drag/onlDragDataSource/testConnection interface can be called by testing the data source configuration when adding a data source in the design. The backend does not impose any restrictions, resulting in an attacker constructing special connection parameters when connecting to the PostgreSQL database, ultimately leading to RCE.
Source: ⚠️ https://github.com/jeecgboot/jimureport/issues/4010
User: jmx0hxq (UID 63891)
Submitted: 2025. 08. 04. AM 04:29 (9 months ago)
Moderation: 2025. 08. 13. PM 06:07 (10 days later)
Status: Accepted
VulDB entry: 319958 [jeecgboot JimuReport up to 2.1.1 Data Large Screen Template testConnection privilege escalation]
Points: 19
