Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Jeesite 1.2.7 is affected by: XML External Entity (XXE). The impact is: sensitive information disclosure. The component is: convertToModel() function in src/main/java/com.thinkgem.jeesite/modules/act/service/ActProcessService.java. The attack vector is: network connectivity,authenticated,must upload a specially crafted xml file. The fixed version is: 4.0 and later.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
卓源软件 Jeesite 代码问题漏洞
Vulnerability Description
卓源软件 Jeesite是中国卓源软件公司的一套开源的Java EE企业级快速开发平台。该平台包括系统权限组件、数据权限组件、数据字典组件、核心工具组件、视图操作组件、工作流组件和代码生成组件等。 卓源软件 Jeesite 1.2.7版本中的src/main/java/com.thinkgem.jeesite/modules/act/service/ActProcessService.java文件的‘convertToModel()’函数存在代码问题漏洞。该漏洞源于网络系统或产品的代码开发过程中存在设计或
CVSS Information
N/A
Vulnerability Type
N/A