Submission #642413: JEPaaS v7.2.8 Access Control Check Implemented After Asset is Accessed

Info

Title: JEPaaS v7.2.8 Access Control Check Implemented After Asset is Accessed
Description: In JEPaaS, the SessionFilter serves as the login validation filter. Due to flaws in the filter, it is possible to bypass it and directly access the interface. PoC: /error/.%2e;/je/rbac/rbac/queryUser
Source: ⚠️ https://github.com/c3p0ooo-Yiqiyin/JEPaaS-Access-control-bypass-vulnerability/blob/main/README.md
User: c3p0ooo_Yiqiyin (UID 44113)
Submitted: 2025. 08. 27. AM 11:09 (8 months ago)
Moderation: 2025. 09. 10. PM 09:10 (14 days later)
Status: Accepted
VulDB entry: 323547 [JEPaaS 7.2.8 Filter doFilterInternal privilege escalation]
Points: 16
