CVE-2020-28088
Jeecg-Boot CMS arbitrary file upload vulnerability
EPSS 5.9%
Description
An arbitrary file upload vulnerability in `/jeecg-boot/sys/common/upload` of jeecg-boot CMS 2.3 allows attackers to execute arbitrary code.
How to fix CVE-2020-28088
No fixed version has been published yet. Mitigate by removing the affected package or applying upstream guidance from the references below.
- Maven/org.jeecgframework.boot:jeecg-boot-parent—no fix listed
Is CVE-2020-28088 being exploited?
Moderate — EPSS is 5.9%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, <= 2.3