| 제목 | Antabot White-Jotter v0.2.2 Authorization Bypass |
|---|
| 설명 | White-Jotter v0.2.2 has an authorization bypass vulnerability, allowing unauthorized users to access sensitive system information and even modify critical system data. This vulnerability compromises the confidentiality, integrity of the system. Shiro 1.4.1 is used for access control by the project. According to CVE-2020-1957, Apache Shiro before 1.5.2, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. Therefore, the projects is vulnerable to authentication bypass. |
|---|
| 원천 | ⚠️ https://github.com/Antabot/White-Jotter/issues/159 |
|---|
| 사용자 | gaogaostone (UID 53740) |
|---|
| 제출 | 2024. 10. 21. AM 05:08 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 10. 29. PM 06:45 (9 days later) |
|---|
| 상태 | 중복 |
|---|
| VulDB 항목 | 152286 [Apache Shiro 까지 1.5.1 Spring Dynamic Controller 요청 약한 인증] |
|---|
| 포인트들 | 0 |
|---|