Security Advisory

CVE-2026-3672

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-07 21:32:13

Last updated 2026-03-11 16:28:32

Assigner VulDB

State PUBLISHED

Description

A vulnerability has been found in JeecgBoot up to 3.9.1. Affected is the function isExistSqlInjectKeyword of the file /jeecg-boot/sys/api/getDictItems. Such manipulation leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.

← Browse all CVEs View on cve.org ↗