Headline
GHSA-rwhw-6c6r-2823: Insecure Permissions issue in jeecg-boot
An Insecure Permissions issue in jeecg-boot 2.4.5 allows unauthenticated remote attackers to gain escalated privilege and view sensitive information via the httptrace interface.
- GitHub Advisory Database
- GitHub Reviewed
- CVE-2021-37304
Insecure Permissions issue in jeecg-boot
Moderate severity GitHub Reviewed Published Feb 3, 2023 to the GitHub Advisory Database • Updated Feb 4, 2023
Package
maven org.jeecgframework.boot:jeecg-boot-base (Maven)
Affected versions
<= 2.4.5
Published to the GitHub Advisory Database
Feb 3, 2023
Published by the National Vulnerability Database
Feb 3, 2023
Related news
CVE-2021-37304: [security issue] The jeecg-boot version is less than or equal to 2.4.5 httptrace interface has unauthorized access and leaks sensitive information such as user cookies · Issue #2793 · jeecgboot/jeec
An Insecure Permissions issue in jeecg-boot 2.4.5 allows unauthenticated remote attackers to gain escalated privilege and view sensitive information via the httptrace interface.