إرسال #745512: yeqifu warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controlsالمعلومات

عنوانyeqifu warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controls
الوصفRole create/update/delete endpoints are exposed to any authenticated user. Attackers can delete critical roles, create new privileged roles, or modify existing roles to alter access control for multiple users. This enables broad privilege escalation and operational disruption.
المصدر⚠️ https://github.com/yeqifu/warehouse/issues/54
المستخدم
 AliceS614 (UID 94277)
ارسال23/01/2026 10:45 AM (5 أشهر منذ)
الاعتدال06/02/2026 08:57 AM (14 days later)
الحالةتمت الموافقة
إدخال VulDB344643 [yeqifu warehouse حتى aaf29962ba407d22d991781de28796ee7b4670e4 Role Management RoleController.java addRole/updateRole/deleteRole تجاوز الصلاحيات]
النقاط17

التالي نظرة عامة السابق

Do you need the next level of professionalism?

Upgrade your account now!