GHSA-v3v9-3jf4-5pxx

Source

https://github.com/advisories/GHSA-v3v9-3jf4-5pxx

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/06/GHSA-v3v9-3jf4-5pxx/GHSA-v3v9-3jf4-5pxx.json

JSON Data

https://api.test.osv.dev/v1/vulns/GHSA-v3v9-3jf4-5pxx

Aliases

CVE-2023-33510

Published

2023-06-07T21:30:18Z

Modified

2023-11-01T05:02:10.799236Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

Jeecg P3 Biz Chat allows remote attackers to read arbitrary files

Details

Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters.

Database specific

{
    "github_reviewed_at": "2023-06-09T22:54:03Z",
    "cwe_ids": [
        "CWE-668"
    ],
    "nvd_published_at": "2023-06-07T20:15:09Z",
    "github_reviewed": true,
    "severity": "HIGH"
}

References

Affected packages

Maven / org.jeecgframework.p3:jeecg-p3-biz-chat

Package

Name: org.jeecgframework.p3:jeecg-p3-biz-chat; View open source insights on deps.dev
Purl: pkg:maven/org.jeecgframework.p3/jeecg-p3-biz-chat

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

1.0.5