| Title | ageerle https://github.com/ageerle/ruoyi-ai 20250328 version Unauthorized access vulnerability |
|---|
| Description | The SysNoticeController component of the open source full-stack AI development platform project "https://github.com/ageerle/ruoyi-ai" has an unauthorized access vulnerability. Attackers can modify and query the notification information sent to users by this management system without any access credentials. |
|---|
| Source | ⚠️ https://github.com/Tr0e/CVE_Hunter/blob/main/ruoyi-ai/ruoyi-ai_UnauthorizedAccess_02.md |
|---|
| User | Anonymous User |
|---|
| Submission | 03/29/2025 06:46 (1 Year ago) |
|---|
| Moderation | 04/03/2025 14:54 (5 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 303156 [ageerle ruoyi-ai up to 2.0.0 SysNoticeController.java improper authorization] |
|---|
| Points | 17 |
|---|