Enviar #754431: warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controlsinformación

Títulowarehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controls
DescripciónSales and salesback endpoints do not enforce permissions. Attackers can forge sales or return records, delete legitimate records, and manipulate revenue/stock data, which impacts accounting accuracy and business reporting. These endpoints should enforce role-based access control, validate ownership/workflow state, and log all changes for auditability.
Fuente⚠️ https://github.com/yeqifu/warehouse/issues/63
Usuario
 AliceS614 (UID 94277)
Sumisión2026-02-09 05:58 (hace 5 meses)
Moderación2026-02-20 10:01 (11 days later)
EstadoAceptado
Entrada de VulDB347088 [yeqifu warehouse hasta aaf29962ba407d22d991781de28796ee7b4670e4 Sales Endpoint SalesController.java addSales/updateSales/deleteSales escalada de privilegios]
Puntos18

Want to stay up to date on a daily basis?

Enable the mail alert feature now!