Vulnerability CVE-2023-49442
Published: 2024-01-03

Description:
Deserialization of Untrusted Data in jeecgFormDemoController in JEECG 4.0 and earlier allows attackers to run arbitrary code via crafted POST request.

 References:
https://lemono.fun/thoughts/JEECG-RCE.html
Copyright 2024, cxsecurity.com

 

Back to Top