ThriveX-Blog <=3.1.7 Incorrect AuthorizationИнформация

Название	LiuYuYang01 https://github.com/LiuYuYang01/ThriveX-Blog <=3.1.7 Incorrect Authorization
Описание	LiuYuYang01 ThriveX-Blog Project <=3.1.7 Version Incorrect Authorization Vulnerability. Due to the API /web_config/json/name/web not validating current user permissions, this means any user with a valid token can call the updateJsonValueByName method to modify website configuration.
Источник	⚠️ https://github.com/echo0d/vulnerability/blob/main/LiuYuYang01_ThriveX-Blog/IncorrectAuthorization.md
Пользователь	echo0d (UID 81331)
Представление	06.08.2025 17:50 (9 месяцы назад)
Модерация	19.08.2025 09:53 (13 days later)
Статус	принято
Запись VulDB	320530 [LiuYuYang01 ThriveX-Blog до 3.1.7 web updateJsonValueByName эскалация привилегий]
Баллы	18

Do you need the next level of professionalism?

Upgrade your account now!