Submit #687532: shsuishang modulithshop 1.0.0 Privilege Escalationinfo

Titel	shsuishang modulithshop 1.0.0 Privilege Escalation
Beschreibung	ShopSuite ModulithShop (Java version) contains a vertical privilege escalation vulnerability caused by improper path normalization in the JWT authentication filter. An authenticated low-privileged user can bypass permission loading mechanisms using path traversal sequences, allowing unauthorized access to administrative endpoints that lack proper authorization annotations.
Quelle	⚠️ https://github.com/shsuishang/modulithshop/issues/1
Benutzer	ez-lbz (UID 87033)
Einreichung	02.11.2025 10:35 (vor 6 Monaten)
Moderieren	15.11.2025 14:43 (13 days later)
Status	Akzeptiert
VulDB Eintrag	332580 [shsuishang ShopSuite ModulithShop bis 45a99398cec3b7ad7ff9383694f0b53339f2d35a JwtAuthenticationFilter.java JwtAuthenticationFilter Directory Traversal]
Punkte	18

Want to stay up to date on a daily basis?

Enable the mail alert feature now!