CVE-2025-14909 | JeecgBoot up to 3.9.0 SysUserOnlineController.java SysUserOnlineController user session (Issue 9195)

A vulnerability was found in JeecgBoot up to 3.9.0 and classified as problematic. The impacted element is the function SysUserOnlineController of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserOnlineController.java. Executing manipulation can lead to manage user sessions.

This vulnerability is tracked as CVE-2025-14909. The attack can be launched remotely. Moreover, an exploit is present.

Applying a patch is advised to resolve this issue.VulDB Recent EntriesRead More