Enviar #745512: yeqifu warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controlsinformación

Títuloyeqifu warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controls
DescripciónRole create/update/delete endpoints are exposed to any authenticated user. Attackers can delete critical roles, create new privileged roles, or modify existing roles to alter access control for multiple users. This enables broad privilege escalation and operational disruption.
Fuente⚠️ https://github.com/yeqifu/warehouse/issues/54
Usuario
 AliceS614 (UID 94277)
Sumisión2026-01-23 10:45 (hace 5 meses)
Moderación2026-02-06 08:57 (14 days later)
EstadoAceptado
Entrada de VulDB344643 [yeqifu warehouse hasta aaf29962ba407d22d991781de28796ee7b4670e4 Role Management RoleController.java addRole/updateRole/deleteRole escalada de privilegios]
Puntos17

AnteriorVisión De ConjuntoPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!