Submit #629873: LiuYuYang01 https://github.com/LiuYuYang01/ThriveX-Blog <=3.1.7 Incorrect Authorizationinfo

TitleLiuYuYang01 https://github.com/LiuYuYang01/ThriveX-Blog <=3.1.7 Incorrect Authorization
DescriptionLiuYuYang01 ThriveX-Blog Project <=3.1.7 Version Incorrect Authorization Vulnerability. Due to the API /web_config/json/name/web not validating current user permissions, this means any user with a valid token can call the updateJsonValueByName method to modify website configuration.
Source⚠️ https://github.com/echo0d/vulnerability/blob/main/LiuYuYang01_ThriveX-Blog/IncorrectAuthorization.md
User
 echo0d (UID 81331)
Submission08/06/2025 17:50 (9 months ago)
Moderation08/19/2025 09:53 (13 days later)
StatusAccepted
VulDB entry320530 [LiuYuYang01 ThriveX-Blog up to 3.1.7 web updateJsonValueByName improper authorization]
Points18

PreviousOverviewNext

Do you need the next level of professionalism?

Upgrade your account now!