What is CVE-2025-8963?

CVE-2025-8963 is a medium-severity vulnerability in Jeecgboot Jimureport, classified under Deserialization of Untrusted Data. CVSS score: 6.3/10. Published 2025-08-14.

How severe is CVE-2025-8963?

Medium severity. CVSS v3 base score is 6.3 out of 10.

Deserialization in Jeecgboot Jimureport

CVE-2025-8963

A vulnerability was determined in jeecgboot JimuReport up to 2.1.1. Affected by this issue is some unknown functionality of the file /drag/onlDragDataSource/testConnection of the component Data Large Screen Template. The manipulation leads…

Vulnerability class: Insecure Deserialization

EPSS: 0.001 (27.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:C.

Affected products

Jeecgboot Jimureport — versions 2.1.0, 2.1.1

Weakness classification (CWE)

References

VDB-319958 | jeecgboot JimuReport Data Large Screen Template testConnection deserialization (vdb-entry)
VDB-319958 | CTI Indicators (IOB, IOC, IOA) (signature, permissions-required)
Submit #628028 | https://qiaoqiaoyun.com/ jeecgboot/jimureport 2.1.1 PostgreSQL JDBC RCE (third-party-advisory)
github.com/jeecgboot/jimureport/issues/4010 (issue-tracking)
github.com/jeecgboot/jimureport/issues/4010 (issue-tracking)

Frequently asked questions

What is CVE-2025-8963?: CVE-2025-8963 is a medium-severity vulnerability in Jeecgboot Jimureport, classified under Deserialization of Untrusted Data. CVSS score: 6.3/10. Published 2025-08-14.
How severe is CVE-2025-8963?: Medium severity. CVSS v3 base score is 6.3 out of 10.