
CVE-2023-38905: Jeecg-boot SQL Injection vulnerability

CVSS Score: 5.5 (CVSS 3.1)

Basic Information

EPSS Score: 0.2171%
Published: 8/17/2023
Updated: 11/8/2023
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Package Name: org.jeecgframework.boot:jeecg-boot-parent
Ecosystem: maven
Vulnerable Versions: <= 3.5.0
First Patched Version: (none listed)

Vulnerability Intelligence

Root Cause Analysis

The vulnerability stems from two key points:
1) The duplicate-check endpoint builds SQL queries from unsanitized, user-supplied parameters (tableName/fieldName).
2) The SQL injection filter does not account for URL-encoded whitespace or for specific time-delay functions.
The provided PoC shows successful exploitation via sleep(10) with %09 (tab) encoding, demonstrating that the filter's regex patterns (XSS_STR) and case conversion do not neutralize the vectors named in the CVE (Benchmark, PG_Sleep, etc.). The vulnerable functions pass attacker-controlled input directly into SQL execution contexts.
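As an added illustration (not Jeecg-boot's own code), the sketch below contrasts the weak pattern the analysis describes, a denylist regex applied to the raw, still URL-encoded parameter, with a hardened check that decodes first and then accepts only a plain identifier from a known-table list; all class, method and table names, and the sample input, are hypothetical and constructed for this example.

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.Set;
import java.util.regex.Pattern;

public class DuplicateCheckHardening {

    // Weak denylist in the spirit of the filter described above (hypothetical):
    // it looks for a time-delay function preceded by whitespace, but is run on
    // the raw parameter, so an encoded tab (%09) never matches \s.
    private static final Pattern DENY =
        Pattern.compile("(?i)\\s(sleep|benchmark|pg_sleep)\\s*\\(");

    static boolean weakFilterFlags(String param) {
        return DENY.matcher(param).find();
    }

    static String decode(String rawParam) {
        return URLDecoder.decode(rawParam, StandardCharsets.UTF_8);
    }

    // Hardened check: decode, then accept only a bare SQL identifier.
    private static final Pattern IDENT =
        Pattern.compile("^[A-Za-z_][A-Za-z0-9_]{0,63}$");
    // Constructed allowlist; a real service would consult its schema catalogue.
    private static final Set<String> KNOWN_TABLES = Set.of("sys_user", "sys_role");

    static boolean isSafeIdentifier(String rawParam) {
        return IDENT.matcher(decode(rawParam)).matches();
    }

    static boolean isKnownTable(String rawParam) {
        return isSafeIdentifier(rawParam)
            && KNOWN_TABLES.contains(decode(rawParam).toLowerCase());
    }

    // Identifiers cannot be bound as JDBC parameters, so they are validated
    // against the allowlist; the compared value itself is always a bound "?".
    static String buildQuery(String table, String field) {
        if (!isKnownTable(table) || !isSafeIdentifier(field)) {
            throw new IllegalArgumentException("rejected identifier");
        }
        return "SELECT COUNT(*) FROM " + table + " WHERE " + field + " = ?";
    }

    public static void main(String[] args) {
        String encoded = "sys_user%09and%09sleep(10)";           // constructed input
        System.out.println(weakFilterFlags(encoded));           // false: %09 is not \s
        System.out.println(weakFilterFlags(decode(encoded)));   // true: decoding first helps
        System.out.println(isSafeIdentifier(encoded));          // false: not a bare identifier
        System.out.println(buildQuery("sys_user", "username"));
    }
}
```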
