CVE-2025-14908 | JeecgBoot up to 3.9.0 Multi-Tenant Management SysTenantController.java ID improper authentication (Issue 9196)

A vulnerability has been found in JeecgBoot up to 3.9.0 and classified as critical. The affected element is an unknown function of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTenantController.java of the component Multi-Tenant Management Module. Performing manipulation of the argument ID results in improper authentication.

This vulnerability is identified as CVE-2025-14908. The attack can be initiated remotely. Additionally, an exploit exists.

It is recommended to apply a patch to fix this issue.VulDB Recent EntriesRead More