| Field | Value |
|---|---|
| Title | liufee cms 2.1.1 Authorization Bypass |
| Description | A vulnerability was found in Feehi CMS 2.1.1. It has been declared as critical. Affected is the DELETE handler of the /api/users/{id} endpoint in api/controllers/UserController.php. The vulnerability arises because UserController inherits from Yii2's ActiveController and only validates token authenticity without performing any role-based or ownership-based authorization checks. A remote, low-privileged authenticated attacker can send a DELETE request to /api/users/{id} with an arbitrary user ID to permanently delete any user account, including administrators. The server returns HTTP 204 No Content with no confirmation or ownership verification, and subsequent GET requests to the same endpoint return HTTP 404, confirming irreversible data loss. The /api/v1/users/{id} endpoint is equally affected. This vulnerability completely violates the principle of least privilege and can be exploited to cause denial of service, permanent user data destruction, and disruption of application functionality. |
| Source | https://github.com/liufee/cms/issues/89 |
| User | byname (UID 98259) |
| Submitted | 2026-05-29 10:13 AM (1 month ago) |
| Moderation | 2026-06-28 12:57 PM (1 month later) |
| Status | Duplicate |
| VulDB entry | 374552 [Feehi CMS up to 2.1.1 API /api/users privilege escalation] |
| Points | 0 |
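As an added defensive example (not Feehi CMS's own code), the following Yii2 `ActiveController` closes the gap described in the report by overriding `checkAccess()`, the hook that Yii2's built-in view/update/delete actions call with the loaded model before acting on it. The model class name and the `isAdmin()` helper on the identity class are assumptions.

```php
<?php
// Added example (not Feehi CMS code): a Yii2 REST controller whose update and
// delete actions enforce ownership/role authorization, not just a valid token.
namespace app\api\controllers;

use Yii;
use yii\rest\ActiveController;
use yii\filters\auth\HttpBearerAuth;
use yii\web\ForbiddenHttpException;

class UserController extends ActiveController
{
    public $modelClass = 'app\models\User'; // assumed model class

    public function behaviors()
    {
        $behaviors = parent::behaviors();
        // Authentication only: this proves the bearer token is valid and says
        // nothing about what the authenticated caller is allowed to do.
        $behaviors['authenticator'] = ['class' => HttpBearerAuth::class];
        return $behaviors;
    }

    /**
     * Authorization hook. ActiveController::checkAccess() is a no-op by
     * default, which is the gap the report describes: any valid token could
     * DELETE /api/users/{id} for any id. Here a caller may only modify or
     * delete their own record unless they hold the admin role.
     */
    public function checkAccess($action, $model = null, $params = [])
    {
        if (!in_array($action, ['update', 'delete'], true)) {
            return; // index/view/create are handled elsewhere in this example
        }
        $current = Yii::$app->user->identity;
        // Assumption: the identity class exposes an isAdmin() helper.
        $isAdmin = method_exists($current, 'isAdmin') && $current->isAdmin();
        $isOwner = $model !== null
            && (int) $model->id === (int) $current->getId();
        if (!$isAdmin && !$isOwner) {
            $target = $model !== null ? $model->id : 'unknown';
            // 403 instead of silently acting: the request is authenticated
            // but not authorized for this target record.
            throw new ForbiddenHttpException(
                "You are not allowed to {$action} user #{$target}."
            );
        }
    }
}
```

With this in place a low-privileged token sending DELETE /api/users/{id} for another user's id receives HTTP 403 rather than 204, and the attempt is visible in the application log as a ForbiddenHttpException.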