CVE-2025-15123 | JeecgBoot up to 3.9.0 datarule improper authorization

A vulnerability categorized as problematic has been discovered in JeecgBoot up to 3.9.0. This affects an unknown function of the file /sys/sysDepartPermission/datarule/. Executing manipulation can lead to improper authorization.

This vulnerability is registered as CVE-2025-15123. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More