Enviar #745514: yeqifu warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controlsinformación

Títuloyeqifu warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controls
DescripciónMenu create/update/delete endpoints have no authorization checks. Attackers can alter the UI navigation tree, hide critical functions from legitimate users, or expose admin functions to unauthorized users if the frontend relies on menu visibility as a security boundary.
Fuente⚠️ https://github.com/yeqifu/warehouse/issues/56
Usuario
 AliceS614 (UID 94277)
Sumisión2026-01-23 10:46 (hace 5 meses)
Moderación2026-02-06 08:57 (14 days later)
EstadoAceptado
Entrada de VulDB344645 [yeqifu warehouse hasta aaf29962ba407d22d991781de28796ee7b4670e4 Menu Management MenuController.java addMenu/updateMenu/deleteMenu escalada de privilegios]
Puntos17

AnteriorVisión De ConjuntoPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!