{
  "entrypoint_kind": "api_remote",
  "entrypoint_detail": "JeecgBoot 3.9.2 HTTP API at http://127.0.0.1:8080/jeecg-boot - /openapi/record/* (OpenApiLogController, variant A) and /openapi/permission/* (OpenApiPermissionController, variant B)",
  "service_started": true,
  "healthcheck_passed": true,
  "target_path_reached": true,
  "runtime_stack": [
    "mariadb",
    "redis",
    "jeecgboot-3.9.2-springboot3-jar"
  ],
  "tested_commit": "7df07a823fd558be857d0208ccae96342539fbc1",
  "tested_ref": "v3.9.2",
  "latest_default_branch_head": "32a8dfe94f014f7a9d472bce83e08bb8cf9c10c3",
  "patch_available": false,
  "low_priv_user": "ceshi (role=test)",
  "admin_user": "admin (role=admin)",
  "proof_artifacts": [
    "vuln_variant/http/login_ceshi.json",
    "vuln_variant/http/login_admin.json",
    "vuln_variant/http/record_list_ceshi.json",
    "vuln_variant/http/record_add_ceshi.json",
    "vuln_variant/http/record_delete_ceshi.json",
    "vuln_variant/http/record_queryById_ceshi.json",
    "vuln_variant/http/permission_add_ceshi.json",
    "vuln_variant/http/permission_getOpenApi_ceshi.json",
    "vuln_variant/http/openapi_add_negcontrol.json",
    "logs/vuln_variant/reproduction_steps.log",
    "logs/vuln_variant/jeecgboot_app.log",
    "logs/vuln_variant/latest_version.txt",
    "logs/vuln_variant/fixed_version.txt"
  ],
  "variant_results": {
    "A_openapi_record_list": "success:true, total:27 (low-priv read all audit logs)",
    "A_openapi_record_add": "success:true (low-priv created audit log attributed to admin auth id; persisted in DB)",
    "A_openapi_record_delete": "success:true (low-priv deleted audit log; DB row 1->0 = tampering)",
    "A_openapi_record_queryById": "success:true (low-priv read specific log)",
    "B_openapi_permission_add": "success:true (low-priv granted permissions on admin auth id; 2 rows persisted)",
    "B_openapi_permission_getOpenApi": "success:true (low-priv retrieved OpenAPI defs for admin auth id)",
    "negative_control_openapi_add": "success:false, message:'Subject does not have role [admin]' (admin-protected endpoint correctly enforced)"
  },
  "notes": "Variant confirmed on JeecgBoot v3.9.2 (latest release; master HEAD byte-identical). No official patch exists. Primary variant (OpenApiLogController /openapi/record/*) is a NEW surface absent from the CVE description."
}
