diff --git a/cve/jeecg/2023/CVE-2023-1454/README.md b/cve/jeecg/2023/CVE-2023-1454/README.md new file mode 100644 index 0000000000000000000000000000000000000000..7b0d7d77425539cf7150e9d5b0f29c0f3fab99a6 --- /dev/null +++ b/cve/jeecg/2023/CVE-2023-1454/README.md 
@@ -0,0 +1,23 @@ +# CVE-2023-1454 + +## jeecg-boot unauthorized SQL Injection Vulnerability (CVE-2023-1454) + +| **Vulnerability** | **jeecg-boot unauthorized SQL Injection Vulnerability (CVE-2023-1454)** | +| :----: | :-----| +| **Chinese name** | jeecg-boot 未授权SQL注入漏洞(CVE-2023-1454 | +| **CVSS core** | 9.8 | +| **FOFA Query** (click to view the results directly)| [title=="JeecgBoot 企业级低代码平台"](https://fofa.info/result?qbase64=dGl0bGU9PSJKZWVjZ0Jvb3Qg5LyB5Lia57qn5L2O5Luj56CB5bmz5Y%2BwIg%3D%3Da) | +| **Number of assets affected** | 3957 | +| **Description** | JeecgBoot is a low -code development platform based on code generator. Java Low Code Platform for Enterprise web applications jeecg-boot(v3.5.0) latest unauthorized sql injection. | +| **Impact** | In addition to using SQL injection vulnerabilities to obtain information in the database (for example, the administrator's back-end password, the user's personal information of the site), an attacker can write a Trojan horse to the server even in a high-privileged situation to further obtain server system permissions. | + +![](https://s3.bmp.ovh/imgs/2023/03/24/3886eecddee5f04a.gif) + +**[Goby Official URL: https://gobies.org/](https://gobies.org/)** + +If you have a functional type of issue, you can raise an issue on GitHub or in the discussion group below: + +1. GitHub issue: https://github.com/gobysec/Goby/issues +2. Telegram Group: http://t.me/gobies (Group benefits: enjoy the version update 1 month in advance) +3. Telegram Channel: https://t.me/joinchat/ENkApMqOonRhZjFl (Channel benefits: enjoy the version update 1 month in advance) +4. WeChat Group: First add my personal WeChat: **gobyteam**, I will add everyone to the official WeChat group of Goby. (Group benefits: enjoy the version update 1 month in advance) diff --git a/cve/jeecg/2023/yaml/CVE-2023-1454.yaml b/cve/jeecg/2023/yaml/CVE-2023-1454.yaml new file mode 100644 index 0000000000000000000000000000000000000000..0e96db3f6f7d5266d8c8429dd096eb0c8b7adc32 
--- /dev/null +++ b/cve/jeecg/2023/yaml/CVE-2023-1454.yaml @@ -0,0 +1,20 @@ +id: CVE-2023-1454 +source: https://github.com/PenTestical/CVE-2020-9484 +info: + name: jeecg SQL注入漏洞 + severity: high + description: + jeecg是一个应用软件。一款基于代码生成器的智能开发平台。jeecg-boot 3.5.0版本存在SQL注入漏洞,该漏洞源于文件 jmreport/qurestSql 存在安全问题, 通过参数 apiSelectId 导致SQL注入。 + scope-of-influence: + jeecg-boot 3.5.0版本 + reference: + - https://vuldb.com/?ctiid.223299 + - https://vuldb.com/?id.223299 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H + cvss-score: 7.5 + cve-id: CVE-2023-1454 + cwe-id: None + cnvd-id: CNNVD-202303-1399 + kve-id: None + tags: cve2023, jeecg \ No newline at end of file diff --git a/openkylin_list.yaml b/openkylin_list.yaml index 9b6a0f883e6ec8f7d5fee2831d768801e8c67f83..069723aef9d13ad359dc92b27249ab9c0798e494 100644 --- a/openkylin_list.yaml +++ b/openkylin_list.yaml @@ -174,6 +174,8 @@ cve: Froxlor: - CVE-2021-42325 - CVE-2023-0315 + jeecg + - CVE-2023-1454 cnvd: apache-tomcat: - CNVD-2020-10487
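Review bot: the README hunk (cve/jeecg/2023/CVE-2023-1454/README.md) states `**CVSS core** | 9.8`, which conflicts with the YAML added in the same commit (`cvss-score: 7.5`, vector `C:N/I:N/A:H`), and the README's own Impact row (database password and user data disclosure, webshell write) is incompatible with a vector that has no confidentiality or integrity impact; pick one score, reconcile it with the NVD/VulDB entry in the references, and fix the header to "CVSS score". Smaller fixes in the same table: the Chinese name row is missing its closing parenthesis (`漏洞(CVE-2023-1454`), and "low -code" has a stray space. The README also never names the affected component, which the YAML description does (`jmreport/qurestSql`, parameter `apiSelectId`), nor a fixed version or mitigation; a one-line Affected/Fix row would make the page usable without reading the YAML.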
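Review bot: in the YAML hunk (cve/jeecg/2023/yaml/CVE-2023-1454.yaml) `source: https://github.com/PenTestical/CVE-2020-9484` points at a repository for a different vulnerability (CVE-2020-9484 is an unrelated 2020 CVE); replace it with the actual source for CVE-2023-1454 or drop the field rather than ship a misleading provenance link. Two metadata fields are also wrong or empty: `cnvd-id: CNNVD-202303-1399` stores a CNNVD identifier under the CNVD key (they are different trackers; either add a `cnnvd-id` field or leave `cnvd-id` as None), and `cwe-id: None` should be CWE-89 for an SQL injection. `severity: high` is consistent with 7.5 here but not with the 9.8 the README claims, so whichever score is kept needs to drive this field too. Finally, the file lacks a trailing newline (`\ No newline at end of file`); add one to match the other YAML entries.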
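Review bot: the openkylin_list.yaml hunk adds `jeecg` without the trailing colon, so the file no longer parses as YAML (a bare scalar followed by a sequence inside the `cve:` mapping is a syntax error, and every consumer of this list will fail on it); write it as `jeecg:` with `- CVE-2023-1454` indented under it exactly like the `Froxlor:` block immediately above, and run a YAML lint over the file before merging.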