Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
quequnlong shiyi-blog Job SysJobController.java deserialization
Vulnerability Description
A vulnerability was found in quequnlong shiyi-blog up to 1.2.1. This impacts an unknown function of the file src/main/java/com/mojian/controller/SysJobController.java of the component Job Handler. The manipulation results in deserialization. The attack can be executed remotely. The exploit has been made public and could be used.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
可信数据的反序列化
Vulnerability Title
shiyi-blog 代码问题漏洞
Vulnerability Description
shiyi-blog是bule个人开发者的一款vue+springboot前后端分离的博客系统。 shiyi-blog 1.2.1及之前版本存在代码问题漏洞,该漏洞源于文件src/main/java/com/mojian/controller/SysJobController.java中Job Handler组件存在反序列化问题,可能被远程利用。
CVSS Information
N/A
Vulnerability Type
N/A