| Название | https://github.com/getmaxun https://github.com/getmaxun/maxun ≤ v0.0.28 Authentication Bypass Issues |
|---|
| Описание | In versions of maxun prior to 0.0.29, the /auth/user/ interface contained an IODR vulnerability, allowing any legitimate user to bypass authentication by iterating through all user information, effectively granting administrator privileges. |
|---|
| Источник | ⚠️ https://gist.github.com/H2u8s/1a0bdb19d5c8c8f4dc72cb49ffe9a22b |
|---|
| Пользователь | 28Hus (UID 92415) |
|---|
| Представление | 09.12.2025 15:26 (6 месяцы назад) |
|---|
| Модерация | 26.12.2025 19:11 (17 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 338477 [getmaxun до 0.0.28 Authentication Endpoint auth.ts router.get эскалация привилегий] |
|---|
| Баллы | 16 |
|---|