Submeter #745513: yeqifu warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controlsinformação

Títuloyeqifu warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controls
DescriçãoPermission create/update/delete endpoints are exposed to any authenticated user. Attackers can introduce new permissions, remove existing ones, or modify permission definitions, effectively corrupting the authorization system and enabling stealthy privilege escalation.
Fonte⚠️ https://github.com/yeqifu/warehouse/issues/55
Utilizador
 AliceS614 (UID 94277)
Submissão23/01/2026 10h45 (há 5 meses)
Moderação06/02/2026 08h57 (14 days later)
EstadoAceite
Entrada VulDB344644 [yeqifu warehouse até aaf29962ba407d22d991781de28796ee7b4670e4 Permission Management PermissionController.java addPermission/updatePermission/deletePermission Elevação de Privilégios]
Pontos17

VoltarVisão GeralPróximo

Want to know what is going to be exploited?

We predict KEV entries!