Отправить #653742: fuyang_lipengjun platform 1.0 broken function level authorizationИнформация

Названиеfuyang_lipengjun platform 1.0 broken function level authorization
ОписаниеProduct:platform v1.0 url:https://gitee.com/fuyang_lipengjun/platform star: 27.5 Vulnerability Report Product: platform URL: http://host/topiccategory/queryAll Title: Broken Function Level Authorization in TopicCategoryController's queryAll Method PoC (Proof of Concept): Log in to the application with any user account, including those with low privileges. Send a GET request to the endpoint http://host/topiccategory/queryAll. The server returns a complete list of topic category information. This data should typically be restricted to users with administrative privileges.
Источник⚠️ https://www.cnblogs.com/aibot/p/19063464
Пользователь
 Anonymous User
Представление13.09.2025 06:34 (10 месяцы назад)
Модерация21.09.2025 17:59 (8 days later)
Статуспринято
Запись VulDB325178 [fuyang_lipengjun platform 1.0 /topiccategory/queryAll TopicCategoryController эскалация привилегий]
Баллы20

ПредыдущийОбзорДалее

Want to stay up to date on a daily basis?

Enable the mail alert feature now!