CVE-2026-3672 - JeecgBoot getDictItems isExistSqlInjectKeyword sql injection

CVE ID :CVE-2026-3672 Published : March 7, 2026, 10:15 p.m. | 1 hour, 19 minutes ago Description :A vulnerability has been found in JeecgBoot up to 3.9.1. Affected is the function isExistSqlInjectKeyword of the file /jeecg-boot/sys/api/getDictItems. Such manipulation leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...