Submeter #754431: warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controlsinformação

Títulowarehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controls
DescriçãoSales and salesback endpoints do not enforce permissions. Attackers can forge sales or return records, delete legitimate records, and manipulate revenue/stock data, which impacts accounting accuracy and business reporting. These endpoints should enforce role-based access control, validate ownership/workflow state, and log all changes for auditability.
Fonte⚠️ https://github.com/yeqifu/warehouse/issues/63
Utilizador
 AliceS614 (UID 94277)
Submissão09/02/2026 05h58 (há 5 meses)
Moderação20/02/2026 10h01 (11 days later)
EstadoAceite
Entrada VulDB347088 [yeqifu warehouse até aaf29962ba407d22d991781de28796ee7b4670e4 Sales Endpoint SalesController.java addSales/updateSales/deleteSales Elevação de Privilégios]
Pontos18

Do you want to use VulDB in your project?

Use the official API to access entries easily!