.. / CVE-2023-4450

Exploit for JeecgBoot JimuReport - Template injection (CVE-2023-4450)

Description:

A vulnerability was found in jeecgboot JimuReport up to 1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Template Handler. The manipulation leads to injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Nuclei Template

View the template here CVE-2023-4450.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-4450.yaml
Copy

References:

https://whoopsunix.com/docs/java/named%20module/
https://nvd.nist.gov/vuln/detail/CVE-2023-4450
https://github.com/advisories/GHSA-j8h5-8rrr-m6j9