CVE-2020-28088

描述

An arbitrary file upload vulnerability in `/jeecg-boot/sys/common/upload` of jeecg-boot CMS 2.3 allows attackers to execute arbitrary code.

受影響套件(1)

• Maven/org.jeecgframework.boot:jeecg-boot-parentfrom 0, <= 2.3

參考連結(3)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2020-28088
• PATCHhttps://github.com/jeecgboot/jeecg-boot
• WEBhttps://github.com/zhangdaiscott/jeecg-boot/issues/1888