CVE 2020-23083
Unrestricted File Upload in JEECG v4.0 and earlier allows remote attackers to execute arbitrary code or gain privileges by uploading a crafted file to the component "jeecgFormDemoC
See the
CVE page on Mitre.org
for more details.