| 제목 | linlinjava litemall 1.8.0 Improper Restriction of Write-Once Bit Fields |
|---|
| 설명 | Litemall is an e-commerce application built with Spring-boot. In the current open source version, there is a Mass Assignment Vulnerability int the /wx/comment/post endpoint. This endpoint allows attackers to set the adminContent field, enabling them to forge administrator comments, which could potentially lead to social engineering attacks such as misleading users, publishing fake promotions/scams, and spreading malicious links and viruses. |
|---|
| 원천 | ⚠️ https://ctf-n0el4kls.notion.site/Litemall-Mass-Assignment-Vulnerability-in-wx-comment-post-21441990f447808b86d1cb15e37ecae9?source=copy_link |
|---|
| 사용자 | n0el4kls (UID 80089) |
|---|
| 제출 | 2025. 06. 16. AM 06:27 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 06. 26. AM 10:22 (10 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 313968 [linlinjava litemall 1.8.0 /wx/comment/post adminComment 권한 상승] |
|---|
| 포인트들 | 17 |
|---|