Invia #842582: liufee cms 2.1.1 Information Disclosureinformazioni

Titololiufee cms 2.1.1 Information Disclosure
Descrizionehttps://github.com/liufee/cms/ A vulnerability has been found in Feehi CMS 2.1.1 and classified as problematic. Affected is an unknown function of the /api/users endpoint. The manipulation leads to information disclosure. The attack can be initiated remotely. A regular authenticated user can enumerate all registered users' personally identifiable information (PII), including usernames, email addresses, and account status, without any role-based access control.
Fonte⚠️ https://github.com/liufee/cms/issues/88
Utente
 byname (UID 98259)
Sottomissione29/05/2026 09:42 (1 mese fa)
Moderazione28/06/2026 12:15 (1 month later)
StatoAccettato
Voce VulDB374552 [Feehi CMS fino a 2.1.1 API /api/users escalationi di privilegi]
Punti20

PrecedenteVisione D'ensembleIl prossimo

Do you need the next level of professionalism?

Upgrade your account now!