Submit #754430: warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controlsinfo

Titelwarehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controls
BeschreibungInport and outport endpoints do not enforce permissions. Attackers can forge inventory movements, adjust quantities, or delete records, leading to stock inaccuracies, financial discrepancies, and possible abuse of procurement/return workflows. This can lead to inaccurate stock levels, financial discrepancies, and abuse of procurement/return workflows.
Quelle⚠️ https://github.com/yeqifu/warehouse/issues/62
Benutzer
 AliceS614 (UID 94277)
Einreichung09.02.2026 05:55 (vor 5 Monaten)
Moderieren20.02.2026 10:01 (11 days later)
StatusAkzeptiert
VulDB Eintrag347087 [yeqifu warehouse bis aaf29962ba407d22d991781de28796ee7b4670e4 Inport Endpoint InportController.java addInport/updateInport/deleteInport erweiterte Rechte]
Punkte18

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!