제출 #754431: warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controls정보

제목warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controls
설명Sales and salesback endpoints do not enforce permissions. Attackers can forge sales or return records, delete legitimate records, and manipulate revenue/stock data, which impacts accounting accuracy and business reporting. These endpoints should enforce role-based access control, validate ownership/workflow state, and log all changes for auditability.
원천⚠️ https://github.com/yeqifu/warehouse/issues/63
사용자
 AliceS614 (UID 94277)
제출2026. 02. 09. AM 05:58 (5 개월 ago)
모더레이션2026. 02. 20. AM 10:01 (11 days later)
상태수락
VulDB 항목347088 [yeqifu warehouse 까지 aaf29962ba407d22d991781de28796ee7b4670e4 Sales Endpoint SalesController.java addSales/updateSales/deleteSales 권한 상승]
포인트들18

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!