| عنوان | https://github.com/pbrong/hrms hrms 1.0.1 Unauthorized bypass access |
|---|
| الوصف | pbrong/hrms There is an unauthorized access to user information vulnerability in HRms-1.0.1 \resource\resource.go file.The vulnerability is due to the flaw in the system's permission verification during database query, which causes the attacker to bypass the permission verification by constructing cookies to obtain user information.
Official website: https://github.com/pbrong/hrms/releases/tag/1.0.1
Vulnerability details: https://github.com/A7cc/cve/issues/4
|
|---|
| المصدر | ⚠️ https://github.com/A7cc/cve/issues/4 |
|---|
| المستخدم | a7cc (UID 81317) |
|---|
| ارسال | 25/02/2025 06:59 AM (1 سنة منذ) |
|---|
| الاعتدال | 01/03/2025 02:59 PM (4 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 298083 [pbrong hrms حتى 1.0.1 \resource\resource.go HrmsDB user_cookie تجاوز الصلاحيات] |
|---|
| النقاط | 20 |
|---|