| Titel | ageerle https://github.com/ageerle/ruoyi-ai 20250328 version Unauthorized access vulnerability |
|---|
| Beschreibung | The SysNoticeController component of the open source full-stack AI development platform project "https://github.com/ageerle/ruoyi-ai" has an unauthorized access vulnerability. Attackers can modify and query the notification information sent to users by this management system without any access credentials. |
|---|
| Quelle | ⚠️ https://github.com/Tr0e/CVE_Hunter/blob/main/ruoyi-ai/ruoyi-ai_UnauthorizedAccess_02.md |
|---|
| Benutzer | Anonymous User |
|---|
| Einreichung | 29.03.2025 06:46 (vor 1 Jahr) |
|---|
| Moderieren | 03.04.2025 14:54 (5 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 303156 [ageerle ruoyi-ai bis 2.0.0 SysNoticeController.java erweiterte Rechte] |
|---|
| Punkte | 17 |
|---|