jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show interface.
jeecg jeecg boot 3.5.0
jeecg jeecg boot 3.5.1