Filtered by vendor J2eefast
Subscriptions
Filtered by product J2eefast
Subscriptions
Total
21 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-28890 | 1 J2eefast | 1 J2eefast | 2024-11-21 | 9.8 Critical |
| J2eeFAST 2.2.1 allows remote attackers to perform SQL injection via the (1) compId parameter to fast/sys/user/list, (2) deptId parameter to fast/sys/role/list, or (3) roleId parameter to fast/sys/role/authUser/list, related to the use of ${} to join SQL statements. | ||||