Enviar #745509: yeqifu warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controlsinformación

Títuloyeqifu warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controls
DescripciónUser CRUD endpoints do not enforce role/permission checks. Any logged-in user can create new accounts, modify existing users, or delete users. This enables account takeover, creation of backdoor accounts, and denial of service by removing legitimate users.
Fuente⚠️ https://github.com/yeqifu/warehouse/issues/53
Usuario
 AliceS614 (UID 94277)
Sumisión2026-01-23 10:44 (hace 5 meses)
Moderación2026-02-06 08:57 (14 days later)
EstadoAceptado
Entrada de VulDB344642 [yeqifu warehouse hasta aaf29962ba407d22d991781de28796ee7b4670e4 User Management Endpoint UserController.java addUser/updateUser/deleteUser escalada de privilegios]
Puntos17

AnteriorVisión De ConjuntoPróximo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!