Отправить #754431: warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access ControlsИнформация

Названиеwarehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controls
ОписаниеSales and salesback endpoints do not enforce permissions. Attackers can forge sales or return records, delete legitimate records, and manipulate revenue/stock data, which impacts accounting accuracy and business reporting. These endpoints should enforce role-based access control, validate ownership/workflow state, and log all changes for auditability.
Источник⚠️ https://github.com/yeqifu/warehouse/issues/63
Пользователь
 AliceS614 (UID 94277)
Представление09.02.2026 05:58 (5 месяцы назад)
Модерация20.02.2026 10:01 (11 days later)
Статуспринято
Запись VulDB347088 [yeqifu warehouse до aaf29962ba407d22d991781de28796ee7b4670e4 Sales Endpoint SalesController.java addSales/updateSales/deleteSales эскалация привилегий]
Баллы18

Want to know what is going to be exploited?

We predict KEV entries!