Invia #427406: Antabot White-Jotter v0.2.2 Authorization Bypassinformazioni

TitoloAntabot White-Jotter v0.2.2 Authorization Bypass
DescrizioneWhite-Jotter v0.2.2 has an authorization bypass vulnerability, allowing unauthorized users to access sensitive system information and even modify critical system data. This vulnerability compromises the confidentiality, integrity of the system. Shiro 1.4.1 is used for access control by the project. According to CVE-2020-1957, Apache Shiro before 1.5.2, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. Therefore, the projects is vulnerable to authentication bypass.
Fonte⚠️ https://github.com/Antabot/White-Jotter/issues/159
Utente
 gaogaostone (UID 53740)
Sottomissione21/10/2024 05:08 (2 anni fa)
Moderazione29/10/2024 18:45 (9 days later)
StatoDuplicato
Voce VulDB152286 [Apache Shiro fino a 1.5.1 Spring Dynamic Controller Richiesta autenticazione debole]
Punti0

PrecedenteVisione D'ensembleIl prossimo

Want to know what is going to be exploited?

We predict KEV entries!