CVE-2020-28088

Description

An arbitrary file upload vulnerability in `/jeecg-boot/sys/common/upload` of jeecg-boot CMS 2.3 allows attackers to execute arbitrary code.

Affected packages (1)

• Maven/org.jeecgframework.boot:jeecg-boot-parentfrom 0, <= 2.3

References (3)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2020-28088
• PATCHhttps://github.com/jeecgboot/jeecg-boot
• WEBhttps://github.com/zhangdaiscott/jeecg-boot/issues/1888