| タイトル | 274056675 springboot-openai-chatgpt No version commitID e84f6f5 IDOR |
|---|
| 説明 | Create a new user while specifying a nonexistent expire field to gain membership privileges. You can learn about the existing fields in the data table through the error messages.
## POC
When we create a new account int the system, we can add a new filed called ·expire_time·, with this field, we can access the VIP statement and use the VIP methods.
these fields can be found by the error msg returned by the backend. with these error msgs, we can write the correct expite_time key and value.
## Result
IDOR, with the logic error, we can access the VIP authorizations. |
|---|
| ソース | ⚠️ https://www.cnblogs.com/aibot/p/18732250 |
|---|
| ユーザー | Anonymous User |
|---|
| 送信 | 2025年02月23日 09:09 (1 年 ago) |
|---|
| モデレーション | 2025年03月14日 18:07 (19 days later) |
|---|
| ステータス | 重複 |
|---|
| VulDBエントリ | 299750 [274056675 springboot-openai-chatgpt e84f6f5 addData chatUserID 特権昇格] |
|---|
| ポイント | 0 |
|---|