| 제목 | liufee cms 2.1.1 Information Disclosure |
|---|
| 설명 | https://github.com/liufee/cms/
A vulnerability has been found in Feehi CMS 2.1.1 and classified as problematic. Affected is an unknown function of the /api/users endpoint. The manipulation leads to information disclosure. The attack can be initiated remotely. A regular authenticated user can enumerate all registered users' personally identifiable information (PII), including usernames, email addresses, and account status, without any role-based access control. |
|---|
| 원천 | ⚠️ https://github.com/liufee/cms/issues/88 |
|---|
| 사용자 | byname (UID 98259) |
|---|
| 제출 | 2026. 05. 29. AM 09:42 (1 월 ago) |
|---|
| 모더레이션 | 2026. 06. 28. PM 12:15 (1 month later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 374552 [Feehi CMS 까지 2.1.1 API /api/users 권한 상승] |
|---|
| 포인트들 | 20 |
|---|