CVE-2023-1784: Improper Authentication

March 31, 2023 (updated April 7, 2023)

A vulnerability was found in jeecg-boot 3.5.0 and classified as critical. This issue affects some unknown processing of the component API Documentation. The manipulation leads to improper authentication. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224699.

References

github.com/advisories/GHSA-6rfv-h5v8-cj7g
note.youdao.com/ynoteshare/index.html?id=7eb8fc804ea3544d8add43749a09173e
nvd.nist.gov/vuln/detail/CVE-2023-1784
vuldb.com/?ctiid.224699
vuldb.com/?id.224699

Detect and mitigate CVE-2023-1784 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →