Submit #470902: wander-chu SpringBoot-Blog 1.0 permission bypassinfo

Titlewander-chu SpringBoot-Blog 1.0 permission bypass
Descriptionsrc/main/java/com/my/blog/website/interceptor/BaseInterceptor.java The preHandle method in has permission bypass, and POST requests sent can bypass login and modify website content as long as the path does not start with/admin
Source⚠️ https://github.com/wander-chu/SpringBoot-Blog/issues/4
User
 LVZC2 (UID 76821)
Submission12/28/2024 09:54 AM (1 month ago)
Moderation01/08/2025 03:51 PM (11 days later)
StatusAccepted
VulDB Entry290793 [wander-chu SpringBoot-Blog 1.0 HTTP POST Request BaseInterceptor.java preHandle access control]
Points16

Do you need the next level of professionalism?

Upgrade your account now!