| Title | xxyopen novel V3.5.0 Improper Access Controls |
|---|
| Description | It is possible to perform horizontal privilege escalation to delete or modify any novel chapter of any other author. |
|---|
| Source | ⚠️ https://github.com/Sinon2003/cve/blob/main/novel/Novel%20%20has%20a%20logic%20authorization%20bypass%20vulnerability%20in%20AuthorController.md |
|---|
| User | Rorochan (UID 79656) |
|---|
| Submission | 04/15/2025 15:38 (1 Year ago) |
|---|
| Moderation | 04/28/2025 08:48 (13 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 306401 [201206030 Novel 3.5.0 Chapter AuthorController.java updateBookChapter access control] |
|---|
| Points | 14 |
|---|