| タイトル | https://github.com/pbrong/hrms hrms 1.0.1 Unauthorized bypass access |
|---|
| 説明 | pbrong/hrms There is an unauthorized access to user information vulnerability in HRms-1.0.1 \resource\resource.go file.The vulnerability is due to the flaw in the system's permission verification during database query, which causes the attacker to bypass the permission verification by constructing cookies to obtain user information.
Official website: https://github.com/pbrong/hrms/releases/tag/1.0.1
Vulnerability details: https://github.com/A7cc/cve/issues/4
|
|---|
| ソース | ⚠️ https://github.com/A7cc/cve/issues/4 |
|---|
| ユーザー | a7cc (UID 81317) |
|---|
| 送信 | 2025年02月25日 06:59 (1 年 ago) |
|---|
| モデレーション | 2025年03月01日 14:59 (4 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 298083 [pbrong hrms 迄 1.0.1 \resource\resource.go HrmsDB user_cookie 特権昇格] |
|---|
| ポイント | 20 |
|---|