提出 #754430: warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controls情報

タイトルwarehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controls
説明Inport and outport endpoints do not enforce permissions. Attackers can forge inventory movements, adjust quantities, or delete records, leading to stock inaccuracies, financial discrepancies, and possible abuse of procurement/return workflows. This can lead to inaccurate stock levels, financial discrepancies, and abuse of procurement/return workflows.
ソース⚠️ https://github.com/yeqifu/warehouse/issues/62
ユーザー
 AliceS614 (UID 94277)
送信2026年02月09日 05:55 (5 月 ago)
モデレーション2026年02月20日 10:01 (11 days later)
ステータス承諾済み
VulDBエントリ347087 [yeqifu warehouse 迄 aaf29962ba407d22d991781de28796ee7b4670e4 Inport Endpoint InportController.java addInport/updateInport/deleteInport 特権昇格]
ポイント18

Do you know our Splunk app?

Download it now for free!