GHSA-v3v9-3jf4-5pxx

Suggest an improvement
Source
https://github.com/advisories/GHSA-v3v9-3jf4-5pxx
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/06/GHSA-v3v9-3jf4-5pxx/GHSA-v3v9-3jf4-5pxx.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-v3v9-3jf4-5pxx
Aliases
  • CVE-2023-33510
Published
2023-06-07T21:30:18Z
Modified
2023-11-01T05:02:10.799236Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
Jeecg P3 Biz Chat allows remote attackers to read arbitrary files
Details

Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters.

Database specific
{
    "nvd_published_at": "2023-06-07T20:15:09Z",
    "cwe_ids": [
        "CWE-668"
    ],
    "severity": "HIGH",
    "github_reviewed": true,
    "github_reviewed_at": "2023-06-09T22:54:03Z"
}
References

Affected packages

Maven / org.jeecgframework.p3:jeecg-p3-biz-chat

Package

Name
org.jeecgframework.p3:jeecg-p3-biz-chat
View open source insights on deps.dev
Purl
pkg:maven/org.jeecgframework.p3/jeecg-p3-biz-chat

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Last affected
1.0.5