| Название | https://github.com/pbrong/hrms hrms 1.0.1 Unauthorized bypass access |
|---|
| Описание | pbrong/hrms There is an unauthorized access to user information vulnerability in HRms-1.0.1 \resource\resource.go file.The vulnerability is due to the flaw in the system's permission verification during database query, which causes the attacker to bypass the permission verification by constructing cookies to obtain user information.
Official website: https://github.com/pbrong/hrms/releases/tag/1.0.1
Vulnerability details: https://github.com/A7cc/cve/issues/4
|
|---|
| Источник | ⚠️ https://github.com/A7cc/cve/issues/4 |
|---|
| Пользователь | a7cc (UID 81317) |
|---|
| Представление | 25.02.2025 06:59 (1 Год назад) |
|---|
| Модерация | 01.03.2025 14:59 (4 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 298083 [pbrong hrms до 1.0.1 \resource\resource.go HrmsDB user_cookie эскалация привилегий] |
|---|
| Баллы | 20 |
|---|