Submit #745514: yeqifu warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controlsinfo

Titelyeqifu warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controls
BeschreibungMenu create/update/delete endpoints have no authorization checks. Attackers can alter the UI navigation tree, hide critical functions from legitimate users, or expose admin functions to unauthorized users if the frontend relies on menu visibility as a security boundary.
Quelle⚠️ https://github.com/yeqifu/warehouse/issues/56
Benutzer
 AliceS614 (UID 94277)
Einreichung23.01.2026 10:46 (vor 5 Monaten)
Moderieren06.02.2026 08:57 (14 days later)
StatusAkzeptiert
VulDB Eintrag344645 [yeqifu warehouse bis aaf29962ba407d22d991781de28796ee7b4670e4 Menu Management MenuController.java addMenu/updateMenu/deleteMenu erweiterte Rechte]
Punkte17

ZurückÜbersichtWeiter

Do you know our Splunk app?

Download it now for free!