Submeter #745512: yeqifu warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controlsinformação

Títuloyeqifu warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controls
DescriçãoRole create/update/delete endpoints are exposed to any authenticated user. Attackers can delete critical roles, create new privileged roles, or modify existing roles to alter access control for multiple users. This enables broad privilege escalation and operational disruption.
Fonte⚠️ https://github.com/yeqifu/warehouse/issues/54
Utilizador
 AliceS614 (UID 94277)
Submissão23/01/2026 10h45 (há 5 meses)
Moderação06/02/2026 08h57 (14 days later)
EstadoAceite
Entrada VulDB344643 [yeqifu warehouse até aaf29962ba407d22d991781de28796ee7b4670e4 Role Management RoleController.java addRole/updateRole/deleteRole Elevação de Privilégios]
Pontos17

VoltarVisão GeralPróximo

Interested in the pricing of exploits?

See the underground prices here!