Submit #589495: szluyu99 https://github.com/szluyu99/gin-vue-blog commit 61dd11ccd296e8642a318ada3ef7b3f7776d2410 Improper Access Controlsinfo

Titleszluyu99 https://github.com/szluyu99/gin-vue-blog commit 61dd11ccd296e8642a318ada3ef7b3f7776d2410 Improper Access Controls
DescriptionThe UpdateConfig API is incorrectly placed in the unauthenticated route group base. This allows attackers to directly craft requests to tamper with the website's configuration information (such as the website name, record number, comment moderation switch, etc.). This can lead to data pollution, security mechanism failure, or service disruption.
Source⚠️ https://github.com/szluyu99/gin-vue-blog/issues/28
User
 Tritium (UID 50779)
Submission06/03/2025 17:16 (1 Year ago)
Moderation06/15/2025 09:02 (12 days later)
StatusAccepted
VulDB entry312568 [szluyu99 gin-vue-blog up to 61dd11ccd296e8642a318ada3ef7b3f7776d2410 PATCH Request manager.go improper authorization]
Points18

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!