| Field | Value |
|---|---|
| Title | dromara RuoYi-Vue-Plus 5.4.0 Arbitrary File Read |
| Description | In the RuoYi-Vue-Plus project, the endpoints /demo/mail/sendMessageWithAttachment and /demo/mail/sendMessageWithAttachments in MailController.java can be accessed without authentication and allow attackers to specify arbitrary file paths as email attachments. This leads to an arbitrary file read vulnerability, enabling exfiltration of sensitive files from the server.<br>Project Link: https://github.com/dromara/RuoYi-Vue-Plus<br>Affected Version: 5.4.0<br>Affected API: /demo/mail/sendMessageWithAttachment and /demo/mail/sendMessageWithAttachments<br>Code Location: /src/main/java/org/dromara/demo/controller/MailController.java |
| Source | https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250620-01/report.md |
| User | ShenxiuSecurity (UID 84374) |
| Submission | 06/20/2025 03:57 (12 months ago) |
| Moderation | 06/30/2025 15:17 (10 days later) |
| Status | Accepted |
| VulDB entry | 314437 [Dromara RuoYi-Vue-Plus 5.4.0 Mail MailController.java filePath path traversal] |
| Points | 20 |