Отправить #642413: JEPaaS v7.2.8 Access Control Check Implemented After Asset is AccessedИнформация

Название	JEPaaS v7.2.8 Access Control Check Implemented After Asset is Accessed
Описание	In JEPaaS, the SessionFilter serves as the login validation filter. Due to flaws in the filter, it is possible to bypass it and directly access the interface. poc: /error/.%2e;/je/rbac/rbac/queryUser
Источник	⚠️ https://github.com/c3p0ooo-Yiqiyin/JEPaaS-Access-control-bypass-vulnerability/blob/main/README.md
Пользователь	c3p0ooo_Yiqiyin (UID 44113)
Представление	27.08.2025 11:09 (8 месяцы назад)
Модерация	10.09.2025 21:10 (14 days later)
Статус	принято
Запись VulDB	323547 [JEPaaS 7.2.8 Filter doFilterInternal эскалация привилегий]
Баллы	16

Might our Artificial Intelligence support you?

Check our Alexa App!