| शीर्षक | roncoo roncoo-pay latest broken function level authorisation |
|---|
| विवरण | Title: Broken Function Level Authorization in UserInfoController
PoC:
A direct GET or POST request to /user/info/list without proper authentication or authorization allows access to the user list functionality. |
|---|
| स्रोत | ⚠️ https://www.cnblogs.com/aibot/p/19063475 |
|---|
| उपयोगकर्ता | Anonymous User |
|---|
| सबमिशन | 29/08/2025 06:00 AM (8 महीनों पहले) |
|---|
| संयम | 11/09/2025 07:22 PM (14 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 323650 [roncoo roncoo-pay तक 9428382af21cd5568319eae7429b7e1d0332ff40 /user/info/list कमजोर प्रमाणीकरण] |
|---|
| अंक | 16 |
|---|