Vulnerabilities

CVE-2025-15123 - JeecgBoot datarule improper authorization

2025-12-28 0 views admin

CVE ID : CVE-2025-15123 Published : Dec. 28, 2025, 6:02 a.m. | 1 hour, 24 minutes ago Description : A vulnerability was determined in JeecgBoot up to 3.9.0. This affects an unknown function of the file /sys/sysDepartPermission/datarule/. Executing manipulation can lead to improper authorization. It is possible to launch the attack remotely. The attack requires a high level of complexity. The exploitability is reported as difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2025-15123

Severity

HIGH

Published

Dec. 28, 2025

Source: Telegram CVE Monitor

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-15123high

CVE-2025-15123 - JeecgBoot datarule improper authorization

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2025-15127 - FantasticLBP Hotels_Server Room.php sql injection

CVE-2025-15126 - JeecgBoot getPositionUserList improper authorization

CVE-2025-15128 - ZKTeco BioTime Endpoint safe_setting credentials storage

CVE-2025-15129 - ChenJinchuang Lin-CMS-TP5 File Upload LocalUploader.php upload code injection

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting