| शीर्षक | ItzCrazyKns Vane 1.12.1 Missing Authentication for Critical Function |
|---|
| विवरण | Vane is an AI-powered search engine built with Next.js. Its backend exposes a REST API through Next.js App Router route handlers located in src/app/api/*/route.ts. Every endpoint processes requests without verifying the identity or authorization level of the caller.This constitutes a complete absence of access control, meaning the application trusts all incoming HTTP requests equally, regardless of origin. |
|---|
| स्रोत | ⚠️ https://github.com/ItzCrazyKns/Vane/issues/1123 |
|---|
| उपयोगकर्ता | Yu-Bao (UID 96702) |
|---|
| सबमिशन | 26/04/2026 03:57 AM (1 महीना पहले) |
|---|
| संयम | 23/05/2026 04:00 PM (28 days later) |
|---|
| स्थिति | प्रतिलिपि |
|---|
| VulDB प्रविष्टि | 365334 [ItzCrazyKns Vane तक 1.12.1 API route.ts कमजोर प्रमाणीकरण] |
|---|
| अंक | 0 |
|---|