제출 #421516: didi DDMQ 1.0 Authorization Bypass
| 제목 | didi DDMQ 1.0 Authorization Bypass |
|---|---|
| 설명 | In DDMQ console module through all the versions, a specially crafted request may cause an authentication bypass. Attackers can add “/;login” at the tail of authorization-required urls to bypass the authentication and retrieve sensitive information. |
| 원천 | ⚠️ https:/ |
| 사용자 | gaogaostone (UID 53740) |
| 제출 | 2024. 10. 10. AM 09:32 (2 연령 ago) |
| 모더레이션 | 2024. 10. 18. PM 09:54 (9 days later) |
| 상태 | 수락 |
| VulDB 항목 | 280957 [didi DDMQ 1.0 Console 약한 인증] |
| 포인트들 | 17 |